ep4-pen.balantia.com Open in urlscan Pro
18.153.162.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ep4-pen.balantia.com/
Effective URL:
https://ep4-pen.balantia.com/login
Submission: On June 07 via api (June 7th 2024, 6:48:40 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 18.153.162.82, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is ep4-pen.balantia.com.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.

This is the only time ep4-pen.balantia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	18.153.162.82 18.153.162.82	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
16	4

12 18.153.162.82 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com

ep4-pen.balantia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	balantia.com 1 redirects ep4-pen.balantia.com	2 MB
2	google.com www.google.com — Cisco Umbrella Rank: 5	974 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	90 KB
1	gstatic.com www.gstatic.com	205 KB
16	4

	Domain	Requested by
12	ep4-pen.balantia.com	1 redirects ep4-pen.balantia.com
2	www.google.com	ep4-pen.balantia.com www.gstatic.com
2	cdnjs.cloudflare.com	ep4-pen.balantia.com cdnjs.cloudflare.com
1	www.gstatic.com	www.google.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
ep4-pen.balantia.com R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ep4-pen.balantia.com/login
Frame ID: A301F8F1629A5C70F800032795110173
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNb-snAAAAAD2rgpeKSL-E74pj2lE9IsPaI3pU&co=aHR0cHM6Ly9lcDQtcGVuLmJhbGFudGlhLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=32g8j2io3zm
Frame ID: 37BB2DD76F7C92F30B56629C9F75C5D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Balantia

Page URL History Show full URLs

https://ep4-pen.balantia.com/ HTTP 302
https://ep4-pen.balantia.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2513 kB
Transfer

2869 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ep4-pen.balantia.com/ HTTP 302
https://ep4-pen.balantia.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
ep4-pen.balantia.com/
Redirect Chain

https://ep4-pen.balantia.com/
https://ep4-pen.balantia.com/login

5 KB
3 KB

43ms
42ms

Document
text/html

18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 / PHP/8.1.20
Resource Hash: 93b71d63b0b5356300d52f9f8cdc0190bd659b963e4ec25ae9817bf8408cf209

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 2113
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 18:48:34 GMT
server: nginx/1.14.2
x-powered-by: PHP/8.1.20

Redirect headers

cache-control: no-cache, private
content-length: 383
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 18:48:34 GMT
location: https://ep4-pen.balantia.com/login
server: nginx/1.14.2
x-powered-by: PHP/8.1.20

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 50ms
28ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/
Origin: https://ep4-pen.balantia.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1372089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10391
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbuV5ILA8xEfmeN66tbDpnR1gmVG8Buxt3ZnclTyRa7TCVoG9Ng43kKFqKLK%2BQsjDj4eMHmiSzXM1rPtUK5azqJFF%2Fz7MLFsow8VK%2FfVndR4mSkj6pYTp0Sv4p%2FfIpTExBFRkAHv7TpllBiKEPnmZ47j"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8902d131ee10903a-FRA
expires: Wed, 28 May 2025 18:48:34 GMT

GET
H/1.1 200
OK app-e1fa9db2.css
ep4-pen.balantia.com/build/assets/ 1 MB
1 MB 29ms
27ms Stylesheet
text/css 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/build/assets/app-e1fa9db2.css
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: e1fa9db2662634aa1749fcdebc89e41bd19c1d1a4f1dbcbadc4682e1a843f123

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:46 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b572-130c5f"
content-length: 1248351
content-type: text/css

GET
H/1.1 200
OK logo_nze_login.svg
ep4-pen.balantia.com/adminlte/img_balantia/login/ 7 KB
7 KB 54ms
39ms Image
image/svg+xml 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ep4-pen.balantia.com/adminlte/img_balantia/login/logo_nze_login.svg
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 17982e927b3674044829177f0fe3fcfb21dcfb21ba1085ff769c1e15d154ccd4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:24 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55c-1cdf"
content-length: 7391
content-type: image/svg+xml

GET
H/1.1 200
OK logo_balantia_login.svg
ep4-pen.balantia.com/adminlte/img_balantia/login/ 11 KB
11 KB 56ms
40ms Image
image/svg+xml 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ep4-pen.balantia.com/adminlte/img_balantia/login/logo_balantia_login.svg
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 5ea7d15831c19854eae76e91082bf471ca3133057bcda9e667b0014266c0fd50

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:24 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55c-2a27"
content-length: 10791
content-type: image/svg+xml

GET
H/1.1 200
OK slm-a1246c2d.css
ep4-pen.balantia.com/build/assets/ 34 KB
34 KB 70ms
56ms Stylesheet
text/css 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/build/assets/slm-a1246c2d.css
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: a1246c2da1232506e9d024a5c2a357c4305d5b9ff07cd858e4d41fe3ffc294c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:46 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b572-87c9"
content-length: 34761
content-type: text/css

GET
H/1.1 200
OK app-f2458fc6.js Show response
ep4-pen.balantia.com/build/assets/ 27 B
252 B 54ms
41ms Script
application/javascript 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/build/assets/app-f2458fc6.js
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: a2de5828913c16136fd411c29aa76ec093a20f80bf47c80d1cb78a94e56355e9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Origin: https://ep4-pen.balantia.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:46 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b572-1b"
content-length: 27
content-type: application/javascript

GET
H/1.1 200
OK slm-a6d1ce77.js Show response
ep4-pen.balantia.com/build/assets/ 1 B
224 B 59ms
46ms Script
application/javascript 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/build/assets/slm-a6d1ce77.js
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Origin: https://ep4-pen.balantia.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:46 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b572-1"
content-length: 1
content-type: application/javascript

GET
H/1.1 200
OK jquery.min.js Show response
ep4-pen.balantia.com/adminlte/adminlte_32/plugins/jquery/ 87 KB
88 KB 28ms
27ms Script
application/javascript 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/adminlte/adminlte_32/plugins/jquery/jquery.min.js
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55b-15d9d"
content-length: 89501
content-type: application/javascript

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
ep4-pen.balantia.com/adminlte/adminlte_32/plugins/bootstrap/js/ 81 KB
82 KB 30ms
29ms Script
application/javascript 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/adminlte/adminlte_32/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
last-modified: Mon, 27 May 2024 16:31:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55b-14535"
content-length: 83253
content-type: application/javascript

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
974 B 41ms
23ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfNb-snAAAAAD2rgpeKSL-E74pj2lE9IsPaI3pU

Requested by

Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de9c2355fa57c94c365aacafa1742d7e748c018802846f56b15eff5f7f607583

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 18:48:34 GMT

GET
H/1.1 200
OK fondo_login.png
ep4-pen.balantia.com/adminlte/img_balantia/login/ 711 KB
711 KB 18ms
18ms Image
image/png 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ep4-pen.balantia.com/adminlte/img_balantia/login/fondo_login.png
Requested by: Host: ep4-pen.balantia.com
URL: https://ep4-pen.balantia.com/build/assets/slm-a1246c2d.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 16de9dadecc36fe1d12974d512378648eed5452f9edcf6dbb00cfaaca6f582be

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/build/assets/slm-a1246c2d.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:35 GMT
last-modified: Mon, 27 May 2024 16:31:24 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55c-b1a46"
content-length: 727622
content-type: image/png

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 17ms
17ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://ep4-pen.balantia.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 772637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80148
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAVzueWbzgvdSrxQrfos15kXS8t2mDSHFelFbpM5OFSUXhIl%2FNFRgcoeH7gpC2pKo4LnhLkmHh1otPOLHOu%2FrcE3jouY0zHRwKALcvDDd%2BKVFH8hOtvTOYHOGtJRNdKW6NGprv%2BigeVJkGKg17mibBio"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8902d134ba82903a-FRA
expires: Wed, 28 May 2025 18:48:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 515 KB
205 KB 203ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfNb-snAAAAAD2rgpeKSL-E74pj2lE9IsPaI3pU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/
Origin: https://ep4-pen.balantia.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 11:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209755
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jun 2025 11:46:38 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 37BB 0
0 46ms
33ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNb-snAAAAAD2rgpeKSL-E74pj2lE9IsPaI3pU&co=aHR0cHM6Ly9lcDQtcGVuLmJhbGFudGlhLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=32g8j2io3zm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4OvOfI0fyJBZ3utu2AeFgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ep4-pen.balantia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4OvOfI0fyJBZ3utu2AeFgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 18:48:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
ep4-pen.balantia.com/ 62 KB
62 KB 18ms
17ms Other
image/x-icon 18.153.162.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ep4-pen.balantia.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.153.162.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-162-82.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 8a30da6e47911327d0cd70d5ec88f48c25b35e647f8b0818a062bf1da07ad5d9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ep4-pen.balantia.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:48:35 GMT
last-modified: Mon, 27 May 2024 16:31:24 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6654b55c-f83e"
content-length: 63550
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ep4-pen.balantia.com/	1970-01-20 21:09:53	Name: balantia_session Value: 6B5zMibPuzKocFhLZW3uM3FjavITfrFjRp4URYO3
ep4-pen.balantia.com/	1970-01-21 05:55:22	Name: cookiesession1 Value: 678A3EF0B4003C01F7560E9535B85BDE
ep4-pen.balantia.com/	1970-01-20 21:09:53	Name: XSRF-TOKEN Value: eyJpdiI6Ii9JZm5rNUpRM1NzTDluRnpEK04xU0E9PSIsInZhbHVlIjoibk1pR2JJd1RwZ0VyU216RDJ5ZEI1MmkxcHd2QnRpMmpid2pzODdPTHBBdjFGQkhUaGtEY0w2ZFNrVXhQWE9BOUVaeEZKWkdiT0dIWGpLRUx3eTBrajdadW1nTTBRbzlGUHlEdnd5MEswb21UWXRnNFMvYUhxN0E4U1lSZmdUVW4iLCJtYWMiOiI1OTZkYmQ3OTI3MzNkYmYxNjFiNGRiODI5NTNmMzE2MDkxNThhMzcxOTJlMjNiY2I2MDc2OWUxZDczZDkxNDhiIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ep4-pen.balantia.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ep4-pen.balantia.com
www.google.com
www.gstatic.com
18.153.162.82
2606:4700::6811:190e
2a00:1450:4001:809::2004
2a00:1450:4001:812::2003
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
16de9dadecc36fe1d12974d512378648eed5452f9edcf6dbb00cfaaca6f582be
17982e927b3674044829177f0fe3fcfb21dcfb21ba1085ff769c1e15d154ccd4
5ea7d15831c19854eae76e91082bf471ca3133057bcda9e667b0014266c0fd50
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
8a30da6e47911327d0cd70d5ec88f48c25b35e647f8b0818a062bf1da07ad5d9
93b71d63b0b5356300d52f9f8cdc0190bd659b963e4ec25ae9817bf8408cf209
a1246c2da1232506e9d024a5c2a357c4305d5b9ff07cd858e4d41fe3ffc294c3
a2de5828913c16136fd411c29aa76ec093a20f80bf47c80d1cb78a94e56355e9
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
de9c2355fa57c94c365aacafa1742d7e748c018802846f56b15eff5f7f607583
e1fa9db2662634aa1749fcdebc89e41bd19c1d1a4f1dbcbadc4682e1a843f123
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ep4-pen.balantia.com Open in urlscan Pro 18.153.162.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2513 kBTransfer

2869 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

ep4-pen.balantia.com Open in urlscan Pro
18.153.162.82 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2513 kB
Transfer

2869 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions