casablancafinance.com.au Open in urlscan Pro
2405:3f00:a222:bbbb:bba1:31:ffff:ffff  Public Scan

Submitted URL: http://casablancafinance.com.au/NFF/Hi/
Effective URL: http://casablancafinance.com.au/NFF/Hi/login.php
Submission: On March 21 via manual from GT — Scanned from CA

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2405:3f00:a222:bbbb:bba1:31:ffff:ffff, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is casablancafinance.com.au.
This is the only time casablancafinance.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2405:3f00:a22... 38719 (DREAMSCAP...)
1 2a04:4e42:200... 54113 (FASTLY)
7 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
18 6
Apex Domain
Subdomains
Transfer
7 google.com
www.google.com — Cisco Umbrella Rank: 5
68 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
450 KB
2 casablancafinance.com.au
casablancafinance.com.au
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1217
79 KB
18 4
Domain Requested by
7 www.google.com casablancafinance.com.au
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
2 fonts.gstatic.com www.google.com
2 casablancafinance.com.au
1 code.jquery.com casablancafinance.com.au
18 5

This site contains no links.

Subject Issuer Validity Valid
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
www.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh

This page contains 2 frames:

Primary Page: http://casablancafinance.com.au/NFF/Hi/login.php
Frame ID: 75677A3409CC2BF8367FAD077C16CD92
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Frame ID: F4AB9F1316BB8EEAAAC128106AD623A7
Requests: 11 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://casablancafinance.com.au/NFF/Hi/ Page URL
  2. http://casablancafinance.com.au/NFF/Hi/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

78 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

598 kB
Transfer

1471 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://casablancafinance.com.au/NFF/Hi/ Page URL
  2. http://casablancafinance.com.au/NFF/Hi/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
casablancafinance.com.au/NFF/Hi/
1 KB
1 KB
Document
General
Full URL
http://casablancafinance.com.au/NFF/Hi/
Protocol
HTTP/1.1
Server
2405:3f00:a222:bbbb:bba1:31:ffff:ffff , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
e94e5b9a54c2651e34b86d4c8ef709b1c4477af90bce7942194f0e9673f41fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
583
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Mar 2024 21:47:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block
jquery-3.3.1.js
code.jquery.com/
265 KB
79 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.js
Requested by
Host: casablancafinance.com.au
URL: http://casablancafinance.com.au/NFF/Hi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://casablancafinance.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:47:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
16255473
x-cache
HIT, HIT
content-length
80268
x-served-by
cache-lga21980-LGA, cache-yyz4542-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711057676.516245,VS0,VE0
etag
W/"28feccc0-42587"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
10711, 2834
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: casablancafinance.com.au
URL: http://casablancafinance.com.au/NFF/Hi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8274175d96212541f3445e21c0a8ab63930110be676b47bce779c4119cf8323
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://casablancafinance.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 21:47:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/
492 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://casablancafinance.com.au/
Origin
http://casablancafinance.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 17:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200837
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:41:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 17:35:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame F4AB
45 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e85e4116e97b9de5386f419e61fc801b5a250184d28bf33c7d5ae8effa348514
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XiQxAqsuhUkohDwGk-TJgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://casablancafinance.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XiQxAqsuhUkohDwGk-TJgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Mar 2024 21:47:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame F4AB
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 20:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:41:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 20:43:09 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame F4AB
492 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 17:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200837
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:41:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 17:35:56 GMT
Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
www.google.com/js/bg/ Frame F4AB
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
10046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7310
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 19:00:31 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F4AB
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 05:27:42 GMT
x-content-type-options
nosniff
age
58815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 28 Mar 2024 05:27:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4AB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:08:02 GMT
x-content-type-options
nosniff
age
135596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:08:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4AB
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:57:54 GMT
x-content-type-options
nosniff
age
136204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 07:57:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F4AB
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca815ec6737d0c4bc1e16779dfdbb8241fb7ad898e6459db9d399435125ab515
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 21:47:57 GMT
reload
www.google.com/recaptcha/api2/ Frame F4AB
14 KB
10 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2f771cfaa9c196d7e06f42b516a188f29e2777d05fbcb4375ca7149119a2b72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 21 Mar 2024 21:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 21:47:58 GMT
login.php
casablancafinance.com.au/NFF/Hi/
0
0

reload
www.google.com/recaptcha/api2/ Frame F4AB
14 KB
10 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29bf229d7db96644b5c1ea48903945fc0b377fcf2f0f419fba6096fbbf2d2999
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 21 Mar 2024 21:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 21:47:58 GMT
login.php
casablancafinance.com.au/NFF/Hi/
0
0

reload
www.google.com/recaptcha/api2/ Frame F4AB
14 KB
11 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91d089707366550a21bc2acd6811fa733a867dcf84dc4fe0beeceda55ad236a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKp6ApAAAAAF2UvkBKFPSt3UUMFMCSmru9PN_A&co=aHR0cDovL2Nhc2FibGFuY2FmaW5hbmNlLmNvbS5hdTo4MA..&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=xusyvj54if04
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 21 Mar 2024 21:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 21:47:58 GMT
Primary Request login.php
casablancafinance.com.au/NFF/Hi/
26 KB
0
Document
General
Full URL
http://casablancafinance.com.au/NFF/Hi/login.php
Protocol
HTTP/1.1
Server
2405:3f00:a222:bbbb:bba1:31:ffff:ffff , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://casablancafinance.com.au
Referer
http://casablancafinance.com.au/NFF/Hi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4359
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Mar 2024 21:47:59 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.4.33
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
casablancafinance.com.au
URL
http://casablancafinance.com.au/NFF/Hi/login.php
Domain
casablancafinance.com.au
URL
http://casablancafinance.com.au/NFF/Hi/login.php

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AKoyJkvPjG1cHWpAZFOQdrIOfrfODD2eWYLXRMn_PHwnpPlNBzkmbbVubI4kO9VolUgfBGrW5-x2xcj-qHWlCNM
casablancafinance.com.au/ Name: PHPSESSID
Value: ddb4e4511dff9851b211459b410946c1

7 Console Messages

Source Level URL
Text
other warning URL: http://casablancafinance.com.au/NFF/Hi/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://casablancafinance.com.au/NFF/Hi/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://casablancafinance.com.au/NFF/Hi/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://casablancafinance.com.au/NFF/Hi/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://casablancafinance.com.au/NFF/Hi/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: http://casablancafinance.com.au/NFF/Hi/login.php
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.3.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://casablancafinance.com.au/NFF/Hi/login.php
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.3.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block