idaas-cdn-prd.balglobal.com Open in urlscan Pro
65.9.7.127  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response idaas-cdn-prd.balglobal.com/	2 KB 3 KB	366ms 234ms	Document text/html	65.9.7.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.7.127 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d54e4344211293d8db8d904b2397d0d3ab2c92b6f4c7cbfb2c8d8f2fa2361cf8 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:; Strict-Transport-Security max-age=86400; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers :method GET :authority idaas-cdn-prd.balglobal.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html content-length 1773 date Mon, 11 Jan 2021 12:41:24 GMT x-amzn-requestid 58ffa730-4e41-4de4-b687-19829c3b245f referrer-policy same-origin x-xss-protection 1; mode=block strict-transport-security max-age=86400; includeSubdomains; preload x-frame-options deny content-security-policy default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:; x-amz-apigw-id Y_AaKFPFvHcFrMA= cache-control private, max-age=0, no-cache x-content-type-options nosniff x-amzn-trace-id Root=1-5ffc4774-558e22447cb5b7576ca2bfdb x-cache Miss from cloudfront via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id mlzmtb8KZh6PUiKbyZ_g9wlFSuw0si2PfTp5cmho9-UZZ3zKpthQBg==
GET H2	200	icon fonts.googleapis.com/	574 B 466 B	17ms 15ms	Stylesheet text/css	2a00:1450:4001:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 11 Jan 2021 12:41:24 GMT server ESF date Mon, 11 Jan 2021 12:41:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Jan 2021 12:41:24 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 761 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9bb68175959856eadcef304110797c7811ad9ffb3aaed182712ef2754d6ff781 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 11 Jan 2021 12:41:24 GMT server ESF date Mon, 11 Jan 2021 12:41:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Jan 2021 12:41:24 GMT
GET H2	200	config.js Show response idaas-cdn-prd.balglobal.com/	278 B 620 B	496ms 495ms	Script application/x-javascript	65.9.7.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://idaas-cdn-prd.balglobal.com/config.js?1f3f666fc8d92c7c5e93 Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.7.127 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 79860c7b9eda6fb4bf0d7662c85a7a3b80591aeb4a55aca7c44453180cbbb1fc Request headers Referer https://idaas-cdn-prd.balglobal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 11 Jan 2021 12:41:24 GMT via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amzn-requestid 4e83ba84-68b7-43e7-98f5-6b0333628e5f x-cache Miss from cloudfront content-type application/x-javascript x-amzn-trace-id Root=1-5ffc4774-19f69a1a57a0c21c4d6e3e2f x-amz-apigw-id Y_AaQE4OPHcF3GA= content-length 278 x-amz-cf-id F4jM_8n61lYkxK7lNTepbF0giAqpAsk43_0-JPIavaWhUq6C_fCgsw==
GET H2	200	app.1f3f666fc8d92c7c5e93.js Show response idaas-cdn-prd.balglobal.com/	638 KB 639 KB	663ms 662ms	Script application/x-javascript	65.9.7.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.7.127 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 3a384117bcb57b5b8590460d4345f1af12d42730c1fd3a51297891092497f459 Request headers Referer https://idaas-cdn-prd.balglobal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 11 Jan 2021 12:41:24 GMT via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amzn-requestid b29ef1ad-e056-4c9f-956e-93e38f146705 x-cache Miss from cloudfront content-type application/x-javascript x-amzn-trace-id Root=1-5ffc4774-20e4708e3149cb106b600059 x-amz-apigw-id Y_AaQF_qvHcFz0A= content-length 653217 x-amz-cf-id bi4lMQYscMZ2YA8xwEQp8j4al74hdYTsokTPL4hkH5Z-aq3YCL7Z3Q==
GET H2	200	heap-1057759589.js Show response cdn.heapanalytics.com/js/	105 KB 41 KB	273ms 177ms	Script application/javascript	13.225.80.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-1057759589.js Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.47 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-47.fra2.r.cloudfront.net Software nginx / Resource Hash 26982001e60c41920a8e77cb3a3668c394e40bedf45f43080c0acc08bc4aed84 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 11 Jan 2021 12:41:25 GMT content-encoding gzip server nginx x-amz-cf-pop FRA2-C2 etag W/"1a3f3-1AA3HrpMGBU5J7llyg/KzQ" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 via 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront) cache-control public, max-age=120 x-amz-cf-id hZH-dBbZ3ZPN3_HREoeX5pEZ72Vi4MDI2qy7RHJpszepOqrlxBjhsw==
GET H2	200	CobaltLogo_SingleColor.svg idaas-cdn-prd.balglobal.com/	20 KB 21 KB	369ms 368ms	Image image/svg+xml	65.9.7.127 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://idaas-cdn-prd.balglobal.com/CobaltLogo_SingleColor.svg Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.7.127 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 073e1c3f4b629289ada7b6c55d150a868977ae3d9db53ccc28c5b3c1854906e2 Request headers Referer https://idaas-cdn-prd.balglobal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 11 Jan 2021 12:41:25 GMT via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amzn-requestid e8547f67-df82-4e90-94df-72bf59a45690 x-cache Miss from cloudfront content-type image/svg+xml x-amzn-trace-id Root=1-5ffc4775-6c9f744660d77d3673f9cab9 x-amz-apigw-id Y_AabGhePHcF7pw= content-length 20860 x-amz-cf-id DkNbAnADYLSN-h4Z_MeN67bKf2Sci5n61O-ZJ2qIFPbA_YeJ3XfAsw==
GET H2	200	h heapanalytics.com/	37 B 213 B	400ms 134ms	Image image/gif	3.229.228.113 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=1057759589&u=3968863103570742&v=2402679508294292&s=6051359564418226&b=web&tv=4.0&z=0&g=%23%2Fregister%3Fcode%3Df262ec78-ae32-4098-b4f5-ad791e351b17&h=%2F&d=idaas-cdn-prd.balglobal.com&t=Cobalt&ts=1610368885738&st=1610368885739 Requested by Host: idaas-cdn-prd.balglobal.com URL: https://idaas-cdn-prd.balglobal.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.228.113 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-228-113.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jan 2021 12:41:26 GMT cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-length 37 content-type image/gif

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| APP_CONFIG object| heap object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.balglobal.com/	1970-01-19 15:19:30	Name: _hp2_ses_props.1057759589 Value: %7B%22ts%22%3A1610368885738%2C%22d%22%3A%22idaas-cdn-prd.balglobal.com%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Fregister%3Fcode%3Df262ec78-ae32-4098-b4f5-ad791e351b17%22%7D
			.balglobal.com/	1970-01-20 00:47:26	Name: _hp2_id.1057759589 Value: %7B%22userId%22%3A%223968863103570742%22%2C%22pageviewId%22%3A%222402679508294292%22%2C%22sessionId%22%3A%226051359564418226%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
fonts.googleapis.com
heapanalytics.com
idaas-cdn-prd.balglobal.com
13.225.80.47
2a00:1450:4001:81e::200a
3.229.228.113
65.9.7.127
073e1c3f4b629289ada7b6c55d150a868977ae3d9db53ccc28c5b3c1854906e2
26982001e60c41920a8e77cb3a3668c394e40bedf45f43080c0acc08bc4aed84
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
3a384117bcb57b5b8590460d4345f1af12d42730c1fd3a51297891092497f459
79860c7b9eda6fb4bf0d7662c85a7a3b80591aeb4a55aca7c44453180cbbb1fc
9bb68175959856eadcef304110797c7811ad9ffb3aaed182712ef2754d6ff781
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d54e4344211293d8db8d904b2397d0d3ab2c92b6f4c7cbfb2c8d8f2fa2361cf8