urlscan.io logo urlscan.io
SecurityTrails logo

www.pantherafinance.com.au Open in urlscan Pro
13.107.246.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.pantherafinance.com.au/
Effective URL: https://www.pantherafinance.com.au/
Submission: On July 09 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 13.107.246.31, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.pantherafinance.com.au.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 1st 2024. Valid for: 6 months.
This is the only time www.pantherafinance.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13.107.246.31 8075 (MICROSOFT...)
8 18.67.93.14 16509 (AMAZON-02)
1 40.126.228.86 8075 (MICROSOFT...)
3 20.213.196.212 8075 (MICROSOFT...)
2 18.65.244.104 16509 (AMAZON-02)
1 20.60.73.234 8075 (MICROSOFT...)
25 6
10    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.pantherafinance.com.au
8    18.67.93.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-14.syd62.r.cloudfront.net
go.yabbr.io
1    40.126.228.86 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api.pantherafinance.com.au
3    20.213.196.212 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    18.65.244.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-104.syd3.r.cloudfront.net
api.yabbr.io
1    20.60.73.234 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aueprodpublicassets.blob.core.windows.net
Domain Requested by
10 www.pantherafinance.com.au www.pantherafinance.com.au
8 go.yabbr.io www.pantherafinance.com.au
go.yabbr.io
3 dc.services.visualstudio.com www.pantherafinance.com.au
2 api.yabbr.io go.yabbr.io
1 aueprodpublicassets.blob.core.windows.net
1 api.pantherafinance.com.au www.pantherafinance.com.au
25 6

This site contains links to these domains. Also see Links.

Domain
ndh.org.au
au.linkedin.com
pantherafinancegroup.com
Subject Issuer Validity Valid
www.pantherafinance.com.au
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-07-01 -
2025-01-01		 6 months crt.sh
yabbr.io
Amazon RSA 2048 M03		 2023-09-17 -
2024-10-15		 a year crt.sh
api.pantherafinance.com.au
Go Daddy Secure Certificate Authority - G2		 2024-07-01 -
2025-07-01		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-12 -
2025-04-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.pantherafinance.com.au/
Frame ID: 3473DB0DE117029FE0A3C99DF050823F
Requests: 14 HTTP requests in this frame

Frame: https://go.yabbr.io/js/app-bundle.js
Frame ID: D8B8886C8FFA9D66686B7DE065141484
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Panthera Finance

Page URL History Show full URLs

  1. http://www.pantherafinance.com.au/ HTTP 307
    https://www.pantherafinance.com.au/ Page URL

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

2518 kB
Transfer

7910 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.pantherafinance.com.au/ HTTP 307
    https://www.pantherafinance.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pantherafinance.com.au/
Redirect Chain
  • http://www.pantherafinance.com.au/
  • https://www.pantherafinance.com.au/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68071df097f76f622c806776a55e6eff60ed01aa43d70f885435761a950bfbc4
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
content-type
text/html
date
Tue, 09 Jul 2024 01:08:38 GMT
etag
W/"0x8DC9A2FF26EBB73"
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240709T010838Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwd9
x-cache
TCP_HIT
x-cache-info
L1_T2
x-content-type-options
nosniff
x-fd-int-roxy-purgeid
0
x-frame-options
SAMEORIGIN
x-ms-request-id
b9e6eae9-701e-003c-5cf2-cf7862000000
x-ms-version
2018-03-28
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.pantherafinance.com.au/
Non-Authoritative-Reason
HttpsUpgrades
main.fd90580f.js
www.pantherafinance.com.au/static/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/js/main.fd90580f.js
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c81da9428a2fccfb3bbc869ff93ff103d3e0b2c9fc7e036039452fe4d1ae9e6b
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
W/"0x8DC9A2FF28FFA2B"
vary
Accept-Encoding
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwdf
content-type
application/x-javascript
x-frame-options
SAMEORIGIN
x-ms-request-id
2b835032-301e-003d-3aec-cf27be000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
main.71f683e6.css
www.pantherafinance.com.au/static/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/css/main.71f683e6.css
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
592ec7606b24fb2cfc25d7ffe6fe577ed96d212c2fd7addbfb7210926952a697
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64419137
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
W/"0x8DC9A2FF27EE5B2"
vary
Accept-Encoding
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwdd
content-type
text/css
x-frame-options
SAMEORIGIN
x-ms-request-id
fad1059a-701e-003c-3147-d07862000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
config.js
www.pantherafinance.com.au/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/config.js
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29ce3fa5cfe205fa68d7e5cb64bf1f0ed9b06b182dc74a88e03c05f6731fdf58
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
content-md5
iv5qVm4a1sqWkG3yqzE3fg==
x-cache
CONFIG_NOCACHE
content-length
1146
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF26EBB73"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwde
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-ms-request-id
27deb6f2-e01e-0001-119c-d10e79000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
loader.js
go.yabbr.io/ 		563 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/loader.js
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
Yabbr /
Resource Hash
359a2738dabe6d8af26ec9f28a1254309f852aa5c95ff01377a0e7210d95ff44
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
moF5CDKKj42D13Sxr8n7D4bYIGsgrYqf
content-security-policy
default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
date
Tue, 09 Jul 2024 01:08:40 GMT
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
563
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 21 Jun 2022 00:53:05 GMT
server
Yabbr
etag
"879a87472176fc06d3cd02eef4fcf473"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
x-amz-cf-id
0pOsF65vXo5RDfFEMpoaA8YyztO-LKZdzehXugnNlhn02B0jxPQL2w==
app-bundle.js
go.yabbr.io/js/ Frame D8B8 		3 MB
670 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/js/app-bundle.js
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
Yabbr /
Resource Hash
e559996c4d44063e88f113ad177efab007dc88977757ea23e91bb7d3591c4fd9
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
LPVdTk5U8XIYAEd0V014p22_3jyfM6Q2
content-security-policy
default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 01:08:40 GMT
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 05 Jul 2024 06:13:10 GMT
server
Yabbr
etag
W/"a19c301750c9830bd9142d5ac0c9185d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
wsKiJYWhQXWV8XevDjhYw7AWx-NNw53G_wiqdV_g8_Fin8Gakq4XUA==
RedHatDisplay-Bold.c82c67d4daf3d528526a.woff2
www.pantherafinance.com.au/static/media/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/media/RedHatDisplay-Bold.c82c67d4daf3d528526a.woff2
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9d2459930345ee736b718f6e7534e304123a6a6240fb6d544f7f4a99edcc861
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
Origin
https://www.pantherafinance.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
28192
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF28351DA"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwes
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-ms-request-id
674899d2-801e-0028-34f2-cf300d000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
RedHatText-Regular.0b0b417dda404d94580e.woff2
www.pantherafinance.com.au/static/media/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/media/RedHatText-Regular.0b0b417dda404d94580e.woff2
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55e3c63ae6bae67dcd472fb0f04808c99c4b7d22a81133a4feeb92c65fbcbcdf
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
Origin
https://www.pantherafinance.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
27392
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF287BE08"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwet
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-ms-request-id
fee951c8-401e-00a1-1200-d08ad8000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
RedHatText-Medium.df25112717855001bd7c.woff2
www.pantherafinance.com.au/static/media/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/media/RedHatText-Medium.df25112717855001bd7c.woff2
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be6a97aac447b092138458797a3a5a621696f1bcd4d61be04200c9f9c25c1691
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
Origin
https://www.pantherafinance.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
28308
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF287BE08"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nweu
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-ms-request-id
f091a09b-c01e-0029-3df2-cf6fd1000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
alerts
api.pantherafinance.com.au/fn/api/ 		96 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pantherafinance.com.au/fn/api/alerts?portal=Panthera
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/static/js/main.fd90580f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.126.228.86 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99d0562a3c94d89e0a3c2a0532359fb15946f33f2cd678ea3a01749f54b36e8b
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 09 Jul 2024 01:08:39 GMT
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:2586de42-129e-49d5-9d77-3c5463766d4b
Pragma
no-cache
Referrer-Policy
strict-origin
Vary
Accept-Encoding,Origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.pantherafinance.com.au
Access-Control-Expose-Headers
Retry-After
Cache-Control
no-cache, no-store
Expires
-1
HomeHeroGraphic.117cbdaa983d0e3e1a21.png
www.pantherafinance.com.au/static/media/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pantherafinance.com.au/static/media/HomeHeroGraphic.117cbdaa983d0e3e1a21.png
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce162dac14dbe5f9b13b7f4da02f2a8607d4941adbd536df4d2685d62afac8e4
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64419137
content-length
231294
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF2832AE0"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwer
x-frame-options
SAMEORIGIN
content-type
image/png
x-ms-request-id
45179e17-f01e-00b4-0448-d09d6b000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
RedHatText-Bold.fd2740571f3b47f7cfc8.woff2
www.pantherafinance.com.au/static/media/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/static/media/RedHatText-Bold.fd2740571f3b47f7cfc8.woff2
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1685aa85c2aae3d614b45efe3a4997ff76c63e061ae568aea1da8c6e42ea963
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
Origin
https://www.pantherafinance.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
27620
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF28378F2"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwev
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-ms-request-id
fee5ad0f-901e-0079-79f9-cfad81000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.213.196.212 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.pantherafinance.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 09 Jul 2024 01:08:39 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/static/js/main.fd90580f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.213.196.212 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f6e1a1bec809e9f25dcadfe60ee205670626400d2086ace12c697c95d53b0621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pantherafinance.com.au/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 01:08:39 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
widget
api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/widget?lang=en&_ts=1720487319929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-104.syd3.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.pantherafinance.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,X-Api-Key,X-MFA,X-Organisation,X-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/json
date
Tue, 09 Jul 2024 01:08:39 GMT
via
1.1 5bbd11939e03577f970787e60c8f7b4e.cloudfront.net (CloudFront)
x-amz-apigw-id
ansPyEJjywMEqZA=
x-amz-cf-id
64tAIi2pD8VMD9NcHsTqHgMNZvu664ozhIXwMXMpkm2pqlMgf-KeJA==
x-amz-cf-pop
SYD3-P1
x-amzn-requestid
95ce53c8-6085-4d78-af0f-18518352851d
x-cache
Miss from cloudfront
widget
api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/ Frame D8B8 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/widget?lang=en&_ts=1720487319929
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-104.syd3.r.cloudfront.net
Software
/
Resource Hash
82f4f4ddf48d026f22495653f82b064f9d69bb79ddd81e3857c8f3490576766e
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
x-amzn-remapped-server
Yabbr
via
1.1 5bbd11939e03577f970787e60c8f7b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P1
x-amzn-requestid
804b61d7-10ad-431b-addd-9da5c9e0b919
x-cache
Miss from cloudfront
x-amz-apigw-id
ansPyGFfywMEo0A=
content-length
8365
x-xss-protection
1; mode=block
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-amzn-trace-id
Root=1-668c8d97-58a8c8e270f7c26f3f757e0b;Parent=2fb7a8a164121c36;Sampled=0;lineage=fabbb60b:0
x-frame-options
DENY
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,POST,PUT,PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-store
vary
Accept-Encoding
access-control-allow-headers
Authorization,Content-Type,X-Api-Key,X-MFA,X-Organisation,X-Token
x-amz-cf-id
3YCkqbx_ImAtuazkVLy891ZPrQb98WWxmgiH2U8s7XI5tS2DIFPe6w==
favicon-32x32.png
www.pantherafinance.com.au/favicon/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pantherafinance.com.au/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c80f98de787c736ce1969ffb7bcded627203891a8132653b69a34941e0fcd832
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pantherafinance.com.au/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-permitted-cross-domain-policies
none
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
64419137
content-length
1894
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 02 Jul 2024 00:43:10 GMT
etag
"0x8DC9A2FF26DF847"
x-azure-ref
20240709T010839Z-176dcb556f6vl2rlvv1q4a7h98000000032000000000nwfp
x-frame-options
SAMEORIGIN
content-type
image/png
x-ms-request-id
08b92a7c-d01e-008c-4b47-d039ab000000
x-ms-version
2018-03-28
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: www.pantherafinance.com.au
URL: https://www.pantherafinance.com.au/static/js/main.fd90580f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.213.196.212 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f713a74fd8401a3bb5b170dbf939b32fa69776cd970f5293053d1714423e2d31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pantherafinance.com.au/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 01:08:39 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
/
go.yabbr.io/socket.io/ Frame D8B8 		118 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=P2L2Hda
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
d5f06d6c78b488a762d8f036fcd4492b05f8a40995e7b086643b8fd20c7c4ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pantherafinance.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
118
x-amz-cf-id
zBytgxpT9k-QeSeGaSoeKt8QsTsqyBgro2Kl87fhjSo8kX1ZpLQjiA==
purple-web-chat-icon.png
aueprodpublicassets.blob.core.windows.net/images/ Frame D8B8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aueprodpublicassets.blob.core.windows.net/images/purple-web-chat-icon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.73.234 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd6ce92349bdb8df035b4f94180ec1d942f3a4c58efbcf73ca204b777afe5deb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 09 Jul 2024 01:08:40 GMT
Last-Modified
Wed, 14 Jun 2023 01:24:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
STF3HhVAdKsChyzDNH4rvA==
ETag
0x8DB6C7627D104E7
Content-Type
image/png
x-ms-request-id
7b44053e-c01e-002a-409c-d1cb7c000000
x-ms-version
2009-09-19
Content-Length
3355
Roboto-700.227c93190fe7f82de3f802ce0b614d3b.woff2
go.yabbr.io/fonts/ Frame D8B8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/fonts/Roboto-700.227c93190fe7f82de3f802ce0b614d3b.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
Yabbr /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.pantherafinance.com.au
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
2HAWBhq7G0kxCendQRY7aCunpe9CCZ21
content-security-policy
default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://go.yabbr.io https://yabbr.chat https://www.google.com/recaptcha/ https://www.googletagmanager.com/gtag/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
date
Tue, 09 Jul 2024 00:34:57 GMT
age
2057
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15860
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 05 Jul 2024 06:13:10 GMT
server
Yabbr
etag
"e9f5aaf547f165386cd313b995dddd8e"
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
DENY
cache-control
max-age=31557600
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
Ire2IZT-wCvF93zxMqZhkWJrX6ouGcIXit7LMa5s1Ow13sqLVrElfw==
/
go.yabbr.io/socket.io/ Frame D8B8 		2 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=P2L2He3&sid=KSIAzBgelm7Mm4VgARdO
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
https://www.pantherafinance.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
MWfep_4ocCevXHsJ0Gmm9ldwylmbKdT03E6Uk41xMTjmSHf4SqCYog==
/
go.yabbr.io/socket.io/ Frame D8B8 		32 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=P2L2He4&sid=KSIAzBgelm7Mm4VgARdO
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
0c436a0e3e823cce67c5c02cdc7e1fabc327c662675aa1bccd658a9c0c3e9da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pantherafinance.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
32
x-amz-cf-id
31MBG93QDfIAlatn0BdbSA6FPne9RnB0Y4MynEAKty7bZtk_EEnhSQ==
/
go.yabbr.io/socket.io/ Frame D8B8 		17 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=P2L2HeI&sid=KSIAzBgelm7Mm4VgARdO
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
8a6c0c3835a34cbce900d4661cf52b0ce0da9ac617062bac1a18537decff5fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pantherafinance.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
17
x-amz-cf-id
AGsHwqzkKB6dTDnps-tVZPgdBgcJYL4wB9_W7NeoQEYyKb9jGdYbQA==
/
go.yabbr.io/socket.io/ Frame D8B8 		2 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=P2L2HeJ&sid=KSIAzBgelm7Mm4VgARdO
Requested by
Host: go.yabbr.io
URL: https://go.yabbr.io/js/app-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-14.syd62.r.cloudfront.net
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Jul 2024 01:08:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
via
1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
https://www.pantherafinance.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
J3XHmtaIHpsTv_A2wm_e5LyDppkzpI0YLe6Q4IKGp6N28T2hHnP7BA==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| config function| yabbr object| w object| f object| j object| y number| 2f1acc6c3a606b082e5eef5e54414ffb object| __dynProto$Gbl function| _ function| IMask object| regeneratorRuntime function| saveAs function| openYabbrWidget

3 Cookies

Domain/Path Name / Value
www.pantherafinance.com.au/ Name: ai_user
Value: 19oJiK/FI0S14HZpmPZdqN|2024-07-09T01:08:39.566Z
www.pantherafinance.com.au/ Name: ai_session
Value: whVEHKf+aAhrZIyDGukjkr|1720487319731|1720487319731
go.yabbr.io/ Name: AWSALBCORS
Value: QQhr4p25BjYQo10PqWUO1lr+AmPZnacidZx+WiYFI+QRjCjOwhk3p1UJkNn1wUKyIWWA160PHB8gLspPHlD1j9Qc4e/lDLQOVkhx8gJf9qFwgJAtkrGaDg5v9zJn

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/ https://maps.googleapis.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/ https://aueprodpublicassets.blob.core.windows.net/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pantherafinance.com.au
api.yabbr.io
aueprodpublicassets.blob.core.windows.net
dc.services.visualstudio.com
go.yabbr.io
www.pantherafinance.com.au
13.107.246.31
18.65.244.104
18.67.93.14
20.213.196.212
20.60.73.234
40.126.228.86
0c436a0e3e823cce67c5c02cdc7e1fabc327c662675aa1bccd658a9c0c3e9da1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29ce3fa5cfe205fa68d7e5cb64bf1f0ed9b06b182dc74a88e03c05f6731fdf58
359a2738dabe6d8af26ec9f28a1254309f852aa5c95ff01377a0e7210d95ff44
55e3c63ae6bae67dcd472fb0f04808c99c4b7d22a81133a4feeb92c65fbcbcdf
592ec7606b24fb2cfc25d7ffe6fe577ed96d212c2fd7addbfb7210926952a697
68071df097f76f622c806776a55e6eff60ed01aa43d70f885435761a950bfbc4
82f4f4ddf48d026f22495653f82b064f9d69bb79ddd81e3857c8f3490576766e
8a6c0c3835a34cbce900d4661cf52b0ce0da9ac617062bac1a18537decff5fd9
99d0562a3c94d89e0a3c2a0532359fb15946f33f2cd678ea3a01749f54b36e8b
b1685aa85c2aae3d614b45efe3a4997ff76c63e061ae568aea1da8c6e42ea963
bd6ce92349bdb8df035b4f94180ec1d942f3a4c58efbcf73ca204b777afe5deb
be6a97aac447b092138458797a3a5a621696f1bcd4d61be04200c9f9c25c1691
c80f98de787c736ce1969ffb7bcded627203891a8132653b69a34941e0fcd832
c81da9428a2fccfb3bbc869ff93ff103d3e0b2c9fc7e036039452fe4d1ae9e6b
ce162dac14dbe5f9b13b7f4da02f2a8607d4941adbd536df4d2685d62afac8e4
d5f06d6c78b488a762d8f036fcd4492b05f8a40995e7b086643b8fd20c7c4ba9
e559996c4d44063e88f113ad177efab007dc88977757ea23e91bb7d3591c4fd9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6e1a1bec809e9f25dcadfe60ee205670626400d2086ace12c697c95d53b0621
f713a74fd8401a3bb5b170dbf939b32fa69776cd970f5293053d1714423e2d31
f9d2459930345ee736b718f6e7534e304123a6a6240fb6d544f7f4a99edcc861