Submitted URL: https://cobalt2.balglobal.com/#/dashboard/home?triggerPassword=true
Effective URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Submission: On February 25 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 42 HTTP transactions. The main IP is 143.204.98.102, located in the United States and belongs to AMAZON-02, US. The main domain is idaas-cdn.wprd1.balglobal.com. The Cisco Umbrella rank of the primary domain is 481036.
TLS certificate: Issued by Amazon on April 16th 2021. Valid for: a year.
This is the only time idaas-cdn.wprd1.balglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 54.149.17.76 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 65.9.63.86 16509 (AMAZON-02)
1 2 18.66.248.51 16509 (AMAZON-02)
7 143.204.98.102 16509 (AMAZON-02)
2 3.213.41.181 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
42 8
Apex Domain
Subdomains
Transfer
34 balglobal.com
cobalt2.balglobal.com — Cisco Umbrella Rank: 407945
idaas-api.wprd1.balglobal.com — Cisco Umbrella Rank: 372954
notification-api.wprd1.balglobal.com — Cisco Umbrella Rank: 439791
idaas-cdn.wprd1.balglobal.com — Cisco Umbrella Rank: 481036
17 MB
4 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3026
heapanalytics.com — Cisco Umbrella Rank: 2637
86 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 gstatic.com
fonts.gstatic.com
137 KB
42 4
Domain Requested by
25 cobalt2.balglobal.com cobalt2.balglobal.com
5 idaas-cdn.wprd1.balglobal.com cobalt2.balglobal.com
idaas-cdn.wprd1.balglobal.com
3 fonts.googleapis.com cobalt2.balglobal.com
idaas-cdn.wprd1.balglobal.com
2 fonts.gstatic.com fonts.googleapis.com
2 heapanalytics.com idaas-cdn.wprd1.balglobal.com
2 notification-api.wprd1.balglobal.com cobalt2.balglobal.com
2 idaas-api.wprd1.balglobal.com 1 redirects cobalt2.balglobal.com
2 cdn.heapanalytics.com cobalt2.balglobal.com
idaas-cdn.wprd1.balglobal.com
42 8

This site contains links to these domains.

Domain
www.balglobal.com
Subject Issuer Validity Valid
*.balglobal.com Amazon 2021-04-06 - 2022-05-05 a year
upload.video.google.com GTS CA 1C3 2022-02-17 - 2022-05-12 3 months
cdn.heapanalytics.com Amazon 2021-08-28 - 2022-09-26 a year
wprd1.balglobal.com Amazon 2021-04-16 - 2022-05-15 a year
heapanalytics.com Amazon 2021-12-09 - 2023-01-06 a year
*.gstatic.com GTS CA 1C3 2022-02-17 - 2022-05-12 3 months

This page contains 1 frame:

Primary Page: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Frame ID: 627FBBFFACB2E21016CE4288B659922C
Requests: 42 HTTP requests in this frame

Page Title

Cobalt

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 29 %
Domains: 4
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 17313 kB
Size: 20277 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cobalt2.balglobal.com/ Page URL
  2. https://idaas-api.wprd1.balglobal.com/connect/authorize?client_id=CaseApp&redirect_uri=https%3A%2F%2Fcobalt2.balglobal.com%2Fcallback.html&response_type=code&scope=openid%20profile%20cobalt.restapi.casemanagement%20cobalt.restapi.docgen%20idaas%20offline_access%20custom.profile%20documents-api-read%20documents-api-write%20notification-api-manage%20bb.billing-api&state=ce0307a501c7443ca33caf372900cde8&code_challenge=N2pikvJgfwmeBnzh09Iz75QvwONc3suSrQ_oeXepP3M&code_challenge_method=S256&response_mode=query HTTP 302
    https://idaas-cdn.wprd1.balglobal.com/idaas-ui/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cobalt2.balglobal.com/
8 KB
3 KB
Document
General
Full URL
https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d38f28816dd2a84d3ef0260c8becf15798f15fec469efa7caa80ae0d09c31247
Security Headers
Name Value
Content-Security-Policy object-src 'none'; default-src 'none'; frame-src 'self' https://*.wprd1.balglobal.com https://recaptcha.net https://app.powerbi.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.wprd1.balglobal.com https://cdn.heapanalytics.com https://js-agent.newrelic.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com pdf.js resource://pdf.js; style-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' blob: https://*.wprd1.balglobal.com https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://heapanalytics.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com data:; connect-src 'self' https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://*.wprd1.balglobal.com wss://ws.wprd1.balglobal.com https://*.amazonaws.com api-a.wprd1.balglobal.com docgen2-api-a.wprd1.balglobal.com cobalt-docs.com heapanalytics.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com wss://*.intercom.io ws:; font-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com https://*.intercomcdn.com data:; media-src 'self' https://*.wprd1.balglobal.com https://*.intercomcdn.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
content-type
text/html
content-length
2319
cache-control
max-age=0,no-store
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
accept-ranges
bytes
etag
"0a6784be17d81:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
object-src 'none'; default-src 'none'; frame-src 'self' https://*.wprd1.balglobal.com https://recaptcha.net https://app.powerbi.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.wprd1.balglobal.com https://cdn.heapanalytics.com https://js-agent.newrelic.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com pdf.js resource://pdf.js; style-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' blob: https://*.wprd1.balglobal.com https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://heapanalytics.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com data:; connect-src 'self' https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://*.wprd1.balglobal.com wss://ws.wprd1.balglobal.com https://*.amazonaws.com api-a.wprd1.balglobal.com docgen2-api-a.wprd1.balglobal.com cobalt-docs.com heapanalytics.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com wss://*.intercom.io ws:; font-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com https://*.intercomcdn.com data:; media-src 'self' https://*.wprd1.balglobal.com https://*.intercomcdn.com;
env-build.js
cobalt2.balglobal.com/config/
4 KB
2 KB
Script
General
Full URL
https://cobalt2.balglobal.com/config/env-build.js?v=8730a6daa9097545ce9c
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0656fd73033822ba1f64497abd545ecad0bc3ee24ef2d8f2e98dfdf38a1ecf60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sat, 05 Feb 2022 02:34:02 GMT
server
Microsoft-IIS/10.0
etag
"0c91ad6381ad81:0"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1552
oidc-client.min.js
cobalt2.balglobal.com/
353 KB
354 KB
Script
General
Full URL
https://cobalt2.balglobal.com/oidc-client.min.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
1a4b72109c5aec5e529fdf161be9efdbc7f76b44a6f2f51054ffdba0f81fa6c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
361376
vendor~253ae210.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
135 KB
135 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/vendor~253ae210.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6c90bad7c4cb44004e147333a2f0f557ffbbe844c28c2538d468cccbddb2096a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
137933
vendor~37127547.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/vendor~37127547.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e12c324a7beaa4a005fd4321129c475fc853d45a6c7ea7dd9918c2e50eeaea12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1199
vendor~fd731fb0.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
22 KB
22 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/vendor~fd731fb0.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
01e21892cd2ed618655e848032d0e962efaecf4ccd31cbb402f573384b205aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
22422
vendor~ec8c427e.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
1 MB
1 MB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/vendor~ec8c427e.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
11be0c76553d52eb547d2a60eeb96c24fb7e09007777456dc052400316bc791c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1505687
css~d0ae3f07.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
258 KB
259 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/css~d0ae3f07.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
34c1ba2d6ca546864bd81a974280d2c1a63aea157dd8b46b9bd5cbc5a767b591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
264527
app~748942c6.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
2 MB
714 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/app~748942c6.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a3b24925fa11a535047d3c4ed86e941e48fd5baf148ff6a9c172c68e07e1f233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
729938
react~748942c6.8730a6daa9097545ce9c.css
cobalt2.balglobal.com/
169 KB
169 KB
Stylesheet
General
Full URL
https://cobalt2.balglobal.com/react~748942c6.8730a6daa9097545ce9c.css
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
30d0ca4b5ce84e1319c6435ef1ab0881fceb2a7a03150983e994a897a5be74fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:38 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
text/css
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
172757
vendor~253ae210.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
2 MB
2 MB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~253ae210.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
bba4e912448c4b0b9ad315e3f876ca2d7edb757b50561069eaedcfce3c95432a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2595881
vendor~37127547.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
725 KB
726 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~37127547.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
de21d92ba29e945a948bc5b8ff8ad54b7b81fda13eca4dda6f677fee57f63cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
742412
vendor~e097a484.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
99 KB
12 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~e097a484.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
21e65bc4a3044794d00eab6949777325d095f5373cd35347babb585cfa9b8ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
12262
vendor~313ef737.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
2 MB
2 MB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~313ef737.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f171247a2250d15889156f1c19ec61515cbaba0b038d118f59a001f641d583ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2127001
vendor~5656635d.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
220 KB
27 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~5656635d.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
34b47cd875ffa49486de883ea806226d3ab902f8a171c3934cf4f16c4c0500c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
27439
vendor~b1a98620.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
270 KB
60 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~b1a98620.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6e0830bbc8e3a2f8c60bcdf8d52755ef35b932f0fd819d75bc0c12a224af8dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
61178
vendor~6e4a1e0e.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
31 KB
11 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~6e4a1e0e.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e514dd39dfaeda006e2311e1aa8ed0a95167cf4294b7116bacf0f0b9877c7a14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
10551
vendor~e4173fa2.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
18 KB
5 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~e4173fa2.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
93bee6bf9dbc4b1152cf8e0bd4b879e06389d8b027fd1271cff235d3eb04b356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
5274
vendor~7274e1de.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
330 KB
330 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~7274e1de.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
74d62a24236575c743646848dc65c795211c6648e08853487148b4892a772cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
337685
vendor~1f20a385.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
2 MB
2 MB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~1f20a385.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2b9a977bd5d9f543f8d362f5e9373ac09ecbdc1294549d419a2ac4b55d33409d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2414657
vendor~678f84af.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
407 KB
76 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~678f84af.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d9eb8702a5f7c93a9cfed72d3a67ec279d0c09d7eab6fe9a125b87fd06e41974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
77054
vendor~fd731fb0.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
757 KB
170 KB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~fd731fb0.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
da5f8957e843a0f716f7c647d33eb136216c3e6090352f86dba63fec2736779e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
173630
vendor~ec8c427e.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
2 MB
2 MB
Script
General
Full URL
https://cobalt2.balglobal.com/vendor~ec8c427e.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4fc58a932cc05fcae55c0b48ed3a04394ce7b8234a9bad92cf085d559d337497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2120699
app~748942c6.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
3 MB
3 MB
Script
General
Full URL
https://cobalt2.balglobal.com/app~748942c6.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7f6b8cd8eed1e77b5628aa79162f9e058a011eda2a4bde19a1c64739858ad58c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2657520
react~748942c6.8730a6daa9097545ce9c.js
cobalt2.balglobal.com/
690 KB
120 KB
Script
General
Full URL
https://cobalt2.balglobal.com/react~748942c6.8730a6daa9097545ce9c.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.17.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-17-76.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7bfe8fbf313885841aa21f79231354b17af2c1e023a7d073c6d6b2eac25ac74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:39 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 22:53:24 GMT
server
Microsoft-IIS/10.0
etag
"0a6784be17d81:0"
x-frame-options
DENY
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
122413
css
fonts.googleapis.com/
3 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~ec8c427e.8730a6daa9097545ce9c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fa6ee53c3ef19ace03102a1db4f117bb978ee63e116882903cc157caeff67a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:29:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 04:03:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 04:03:41 GMT
truncated
/
55 KB
55 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ef8a93c4388d3d9dfc038f1e8e72fb17ffc69411d160851c3b7e4c994d9b4c6

Request headers

Referer
Origin
https://cobalt2.balglobal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
font/ttf
heap-1057759589.js
cdn.heapanalytics.com/js/
110 KB
43 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1057759589.js
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/app~748942c6.8730a6daa9097545ce9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-86.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
49005131997248e40aad918b7096e1034d3b3549334e8f35647805bee32c16ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:00 GMT
content-encoding
gzip
server
nginx
age
44
etag
W/"1b83e-Yj5t83BZCTbwEJrzYf8spQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA56-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
N4qvAlTaNApr2GKTDl4crlbGhnmVH9YtEaONI0rsFruyWnu3brar_w==
openid-configuration
idaas-api.wprd1.balglobal.com/.well-known/
2 KB
3 KB
XHR
General
Full URL
https://idaas-api.wprd1.balglobal.com/.well-known/openid-configuration
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~1f20a385.8730a6daa9097545ce9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-51.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:44 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-P1
x-amzn-requestid
6087cd63-be9d-4a7e-bfd0-cfd3f91434d1
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-apigw-id
OFI9IHeVPHcFg4g=
content-length
2081
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-amzn-trace-id
Root=1-62185520-0f4b50b3438a5e9e72afac13;Sampled=1
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://cobalt2.balglobal.com
access-control-allow-credentials
true
x-amz-cf-id
CX5Yrz8HvkKXcdaD3qFzxsPdV0ilMSeJYGNkznmsZAAcy6yGQAPe8Q==
connections
notification-api.wprd1.balglobal.com/notification-api/
0
500 B
XHR
General
Full URL
https://notification-api.wprd1.balglobal.com/notification-api/connections
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~e4173fa2.8730a6daa9097545ce9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://cobalt2.balglobal.com/
Authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-amzn-remapped-www-authenticate
Bearer error="invalid_token"
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
18cd137b-106b-4519-8abe-5682f8fe4a88
vary
Origin
x-cache
Error from cloudfront
access-control-allow-origin
https://cobalt2.balglobal.com
date
Fri, 25 Feb 2022 04:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
x-amz-apigw-id
OFI9KFKtvHcFrkw=
content-length
0
x-amzn-trace-id
Root=1-62185520-08426fb615032aa60e5bc515;Sampled=1
x-amz-cf-id
FD4qtW1N__02RQ-Gc7fbT-_82DOva0b40DO8mEK5FuFmOb9rjZFTmQ==
connections
notification-api.wprd1.balglobal.com/notification-api/
0
0
Preflight
General
Full URL
https://notification-api.wprd1.balglobal.com/notification-api/connections
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://cobalt2.balglobal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 25 Feb 2022 04:03:44 GMT
x-amzn-requestid
2d8903d2-9e04-448a-91a7-a90b39ee2352
access-control-allow-origin
https://cobalt2.balglobal.com
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Authorization,api-version
x-amz-apigw-id
OFI9IFTjPHcFdfA=
vary
Origin
access-control-allow-methods
GET,OPTIONS,POST,DELETE,PATCH,PUT
x-amzn-trace-id
Root=1-62185520-19bbe7be07e6eb1d38ce1b16;Sampled=1
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Jzq6Gsoqr27PfREHFdvo3oI6ygsOAhcQQjMpKsKwqNvregP7T4yNNg==
h
heapanalytics.com/
37 B
259 B
Image
General
Full URL
https://heapanalytics.com/h?a=1057759589&u=8438571472711382&v=8001562626590348&s=1270044970439764&b=web&tv=4.0&z=0&g=%23%2Fdashboard%2Fhome%3FtriggerPassword%3Dtrue&h=%2F&d=cobalt2.balglobal.com&ts=1645761824457&st=1645761824458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.41.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-41-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cobalt2.balglobal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 04:03:44 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
Primary Request /
idaas-cdn.wprd1.balglobal.com/idaas-ui/
Redirect Chain
  • https://idaas-api.wprd1.balglobal.com/connect/authorize?client_id=CaseApp&redirect_uri=https%3A%2F%2Fcobalt2.balglobal.com%2Fcallback.html&response_type=code&scope=openid%20profile%20cobalt.restapi...
  • https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
2 KB
3 KB
Document
General
Full URL
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Requested by
Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~1f20a385.8730a6daa9097545ce9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
9bfa039504fe05b74747f83bfcc0c8f47741e20ffde7d508cd84a9367b21c8a5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://idaas-api.wprd1.balglobal.com https://idaas-cdn.wprd1.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com https://recaptcha.net; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
Strict-Transport-Security max-age=86400; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
1773
date
Fri, 25 Feb 2022 04:03:45 GMT
x-amzn-requestid
9ea8faf4-092c-4b31-9f6a-64f71fc94f3f
referrer-policy
same-origin
x-xss-protection
1; mode=block
strict-transport-security
max-age=86400; includeSubdomains; preload
x-frame-options
deny
content-security-policy
default-src 'self'; connect-src https://idaas-api.wprd1.balglobal.com https://idaas-cdn.wprd1.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com https://recaptcha.net; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
x-amz-apigw-id
OFI9SFVnPHcF-Kg=
cache-control
private, max-age=0, no-cache
x-content-type-options
nosniff
x-amzn-trace-id
Root=1-62185521-683213c20a32e07d70989a30
x-cache
Miss from cloudfront
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ktcNEeqOuAKaZ_qGUjBHm1BgIz4nW5xIr32bFIm34m7TVy4jgW8RAw==

Redirect headers

content-length
0
location
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/#/login?ReturnUrl=https%3A%2F%2Fidaas-api.wprd1.balglobal.com%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DCaseApp%26code_challenge%3DN2pikvJgfwmeBnzh09Iz75QvwONc3suSrQ_oeXepP3M%26code_challenge_method%3DS256%26redirect_uri%3Dhttps%253A%252F%252Fcobalt2.balglobal.com%252Fcallback.html%26response_mode%3Dquery%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520cobalt.restapi.casemanagement%2520cobalt.restapi.docgen%2520idaas%2520offline_access%2520custom.profile%2520documents-api-read%2520documents-api-write%2520notification-api-manage%2520bb.billing-api%26state%3Dce0307a501c7443ca33caf372900cde8
date
Fri, 25 Feb 2022 04:03:45 GMT
x-amzn-requestid
19be1307-0821-4c03-96c6-fe4270d50e99
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-amz-apigw-id
OFI9NHUYvHcF7CQ=
x-content-type-options
nosniff
x-amzn-trace-id
Root=1-62185521-0aab712e12d60c4076df28a9;Sampled=1
x-cache
Miss from cloudfront
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
BOGNkacrwb-U0XeUicAIk0nbZ1ueD7qPTMP3n87K7PTu07LzbxkHTg==
icon
fonts.googleapis.com/
569 B
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 04:03:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 04:03:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 04:03:45 GMT
css
fonts.googleapis.com/
4 KB
748 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d155b0fe592a96c16aa42beed5ee24da3619eef037dfdae277c733700fe14d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 04:03:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 04:03:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 04:03:45 GMT
config.js
idaas-cdn.wprd1.balglobal.com/idaas-ui/
282 B
625 B
Script
General
Full URL
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/config.js?5fc293ce1d2095a69e39
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
9217f882016ebff2ad36fb2882730bf19594a98b9d2d533db05866760b14707e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:46 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
f71fdc7e-13c5-47d2-bd82-102bcb3328fb
x-cache
Miss from cloudfront
content-type
application/x-javascript
x-amzn-trace-id
Root=1-62185522-16d5a4737589242928d498fc
x-amz-apigw-id
OFI9XFadPHcFmTQ=
content-length
282
x-amz-cf-id
2mmGmzLfJu6o9UV2zUArzRKrM_e8wbUEyBLoNPSjEG1GenIOgruphg==
app.5fc293ce1d2095a69e39.js
idaas-cdn.wprd1.balglobal.com/idaas-ui/
684 KB
686 KB
Script
General
Full URL
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/app.5fc293ce1d2095a69e39.js
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
f9020be2755cf0492e8dea1f914ca871ff7bb526af5e499000f3c9b5893d818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:46 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
e52a93ba-736c-4f20-82ec-4c175dbb9800
x-cache
Miss from cloudfront
content-type
application/x-javascript
x-amzn-trace-id
Root=1-62185522-32aad68d549011d17efb724c
x-amz-apigw-id
OFI9XE_APHcF4WA=
content-length
700813
x-amz-cf-id
0xNKFrWE1vkuDWvxmOJQRujHyVAPibNxUEBX_-Q30uI1IUko1iuLCQ==
heap-1057759589.js
cdn.heapanalytics.com/js/
110 KB
43 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1057759589.js
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-86.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
49005131997248e40aad918b7096e1034d3b3549334e8f35647805bee32c16ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:00 GMT
content-encoding
gzip
server
nginx
age
46
etag
W/"1b83e-Yj5t83BZCTbwEJrzYf8spQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA56-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
Jt2SiVO4JAbueC0NckVEoRsMGjLzwLTrp3THRH-VfOaiHXL5gFcRFQ==
CobaltLogo_SingleColor.svg
idaas-cdn.wprd1.balglobal.com/idaas-ui/
20 KB
21 KB
Image
General
Full URL
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/CobaltLogo_SingleColor.svg
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
073e1c3f4b629289ada7b6c55d150a868977ae3d9db53ccc28c5b3c1854906e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:47 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
cfc2d45e-3cd7-495e-b69b-7ce6e03238da
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amzn-trace-id
Root=1-62185523-19efed2730c65eba2c396c73
x-amz-apigw-id
OFI9mFniPHcF4aA=
content-length
20860
x-amz-cf-id
kMfRKJJQPzJV1__ykn_YWdmq8gSrAQioYs1IXQTM26X5AILY-_EweA==
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v125/
121 KB
121 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v125/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://idaas-cdn.wprd1.balglobal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 22:57:34 GMT
x-content-type-options
nosniff
age
363973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123876
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 21:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Feb 2023 22:57:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://idaas-cdn.wprd1.balglobal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
205438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 18:59:49 GMT
maintenance.json
idaas-cdn.wprd1.balglobal.com/idaas-ui/
550 B
919 B
XHR
General
Full URL
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/maintenance.json
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/app.5fc293ce1d2095a69e39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
8bd81cb4c41f101e6caeacc2aec8220514dfc24ac4a93a408e1925238cd18788

Request headers

Accept
application/json, text/plain, */*
Referer
https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 04:03:47 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
9a84d538-80cc-4bcd-8768-620cde2aeaf7
x-cache
Miss from cloudfront
content-type
application/json
cache-control
private, max-age=0, no-cache
x-amzn-trace-id
Root=1-62185523-5a04da873beb518f3e1898f1
x-amz-apigw-id
OFI9mE1sPHcFx3A=
content-length
550
x-amz-cf-id
k2GKEpBK660Tp_XtyNOKhsAXjP_sG518UZYe3zfHap4rMjGErc9sow==
h
heapanalytics.com/
37 B
258 B
Image
General
Full URL
https://heapanalytics.com/h?a=1057759589&u=8438571472711382&v=2244153224525153&s=1270044970439764&b=web&tv=4.0&z=2&g=%23%2Flogin%3FReturnUrl%3Dhttps%253A%252F%252Fidaas-api.wprd1.balglobal.com%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253DCaseApp%2526code_challenge%253DN2pikvJgfwmeBnzh09Iz75QvwONc3suSrQ_oeXepP3M%2526code_challenge_method%253DS256%2526redirect_uri%253Dhttps%25253A%25252F%25252Fcobalt2.balglobal.com%25252Fcallback.html%2526response_mode%253Dquery%2526response_type%253Dcode%2526scope%253Dopenid%252520profile%252520cobalt.restapi.casemanagement%252520cobalt.restapi.docgen%252520idaas%252520offline_access%252520custom.profile%252520documents-api-read%252520documents-api-write%252520notification-api-manage%252520bb.billing-api%2526state%253Dce0307a501c7443ca33caf372900cde8&h=%2Fidaas-ui%2F&d=idaas-cdn.wprd1.balglobal.com&t=Cobalt&ts=1645761827282&sp=ts&sp=1645761824457&sp=d&sp=cobalt2.balglobal.com&sp=h&sp=%2F&sp=g&sp=%23%2Fdashboard%2Fhome%3FtriggerPassword%3Dtrue&st=1645761827283
Requested by
Host: idaas-cdn.wprd1.balglobal.com
URL: https://idaas-cdn.wprd1.balglobal.com/idaas-ui/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.41.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-41-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 04:03:47 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| APP_CONFIG
object| heap
object| __core-js_shared__
object| core
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill

2 Cookies

Domain/Path Name / Value
.balglobal.com/ Name: _hp2_ses_props.1057759589
Value: %7B%22ts%22%3A1645761824457%2C%22d%22%3A%22cobalt2.balglobal.com%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Fdashboard%2Fhome%3FtriggerPassword%3Dtrue%22%7D
.balglobal.com/ Name: _hp2_id.1057759589
Value: %7B%22userId%22%3A%228438571472711382%22%2C%22pageviewId%22%3A%222244153224525153%22%2C%22sessionId%22%3A%221270044970439764%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

1 Console Messages

Source Level URL
Text
network error URL: https://notification-api.wprd1.balglobal.com/notification-api/connections
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy object-src 'none'; default-src 'none'; frame-src 'self' https://*.wprd1.balglobal.com https://recaptcha.net https://app.powerbi.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.wprd1.balglobal.com https://cdn.heapanalytics.com https://js-agent.newrelic.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com pdf.js resource://pdf.js; style-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' blob: https://*.wprd1.balglobal.com https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://heapanalytics.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com data:; connect-src 'self' https://bal-applicationdata-wprd1.s3.us-west-2.amazonaws.com https://*.wprd1.balglobal.com wss://ws.wprd1.balglobal.com https://*.amazonaws.com api-a.wprd1.balglobal.com docgen2-api-a.wprd1.balglobal.com cobalt-docs.com heapanalytics.com https://bam.nr-data.net https://*.intercom.io https://*.intercomcdn.com wss://*.intercom.io ws:; font-src 'self' https://*.wprd1.balglobal.com https://fonts.gstatic.com https://fonts.googleapis.com https://*.intercomcdn.com data:; media-src 'self' https://*.wprd1.balglobal.com https://*.intercomcdn.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
