idaas-cdn-prd.balglobal.com Open in urlscan Pro
65.9.58.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://idaas-cdn-prd.balglobal.com/
Submission: On February 06 via manual (February 6th 2021, 5:45:54 am UTC) from IN

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 47 HTTP transactions. The main IP is 65.9.58.24, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is idaas-cdn-prd.balglobal.com.
TLS certificate: Issued by Amazon on December 15th 2020. Valid for: a year.

This is the only time idaas-cdn-prd.balglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	65.9.58.24 65.9.58.24	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	13.225.78.89 13.225.78.89	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
19	52.88.98.8 52.88.98.8	16509 (AMAZON-02) (AMAZON-02)
3	3.229.228.113 3.229.228.113	14618 (AMAZON-AES) (AMAZON-AES)
2	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
1 2	13.225.78.82 13.225.78.82	16509 (AMAZON-02) (AMAZON-02)
47	9

10 65.9.58.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)

idaas-cdn-prd.balglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.88.98.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-98-8.us-west-2.compute.amazonaws.com

cobalt2.balglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.229.228.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-228-113.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

notification-api-prd.balglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.82 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-82.fra2.r.cloudfront.net

idaas-api-prd.balglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	balglobal.com 1 redirects idaas-cdn-prd.balglobal.com cobalt2.balglobal.com notification-api-prd.balglobal.com idaas-api-prd.balglobal.com	11 MB
6	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	124 KB
5	googleapis.com fonts.googleapis.com	3 KB
4	gstatic.com fonts.gstatic.com	217 KB
47	4

	Domain	Requested by
19	cobalt2.balglobal.com	idaas-cdn-prd.balglobal.com cobalt2.balglobal.com
10	idaas-cdn-prd.balglobal.com	idaas-cdn-prd.balglobal.com cobalt2.balglobal.com
5	fonts.googleapis.com	idaas-cdn-prd.balglobal.com cobalt2.balglobal.com
4	fonts.gstatic.com	fonts.googleapis.com
3	heapanalytics.com	idaas-cdn-prd.balglobal.com
3	cdn.heapanalytics.com	idaas-cdn-prd.balglobal.com cobalt2.balglobal.com
2	idaas-api-prd.balglobal.com	1 redirects idaas-cdn-prd.balglobal.com
2	notification-api-prd.balglobal.com	idaas-cdn-prd.balglobal.com
47	8

This site contains links to these domains. Also see Links.

Domain
www.balglobal.com

Subject Issuer	Validity	Valid
idaas-cdn-prd.balglobal.com Amazon	`2020-12-15` - `2022-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.balglobal.com Amazon	`2020-09-28` - `2021-10-28`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idaas-cdn-prd.balglobal.com/
Frame ID: 7BB5F69D439CC20BC52736E908C801A9
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://idaas-cdn-prd.balglobal.com/ Page URL
https://cobalt2.balglobal.com/ Page URL
https://idaas-api-prd.balglobal.com/connect/authorize?client_id=CaseApp&redirect_uri=https%3A%2F%2Fcobalt2.balgl... HTTP 302
https://idaas-cdn-prd.balglobal.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Page Statistics

47
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

9
IPs

2
Countries

11845 kB
Transfer

17118 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.balglobal.com/terms-of-use-and-privacy-policy/
Title: Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://idaas-cdn-prd.balglobal.com/ Page URL
https://cobalt2.balglobal.com/ Page URL
https://idaas-api-prd.balglobal.com/connect/authorize?client_id=CaseApp&redirect_uri=https%3A%2F%2Fcobalt2.balglobal.com%2Fcallback.html&response_type=code&scope=openid%20profile%20cobalt.restapi.casemanagement%20cobalt.restapi.docgen%20idaas%20offline_access%20custom.profile%20documents-api-read%20documents-api-write%20notification-api-manage%20bb.billing-api&state=4673cdecb6044da3aa07510369ddf99a&code_challenge=QV78YKNcNho_C2Npph7YmB6A086RXjO8FS3EYAUvX9s&code_challenge_method=S256&response_mode=query HTTP 302
https://idaas-cdn-prd.balglobal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
idaas-cdn-prd.balglobal.com/ 2 KB
3 KB 261ms
201ms Document
text/html 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d54e4344211293d8db8d904b2397d0d3ab2c92b6f4c7cbfb2c8d8f2fa2361cf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: idaas-cdn-prd.balglobal.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
content-length: 1773
date: Sat, 06 Feb 2021 05:45:30 GMT
x-amzn-requestid: eb7d5125-2f73-4d96-838a-5c9f8d7f124a
referrer-policy: same-origin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=86400; includeSubdomains; preload
x-frame-options: deny
content-security-policy: default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
x-amz-apigw-id: aTv3MEkfPHcFdQQ=
cache-control: private, max-age=0, no-cache
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-601e2cfa-2a9471970c51e2ed0a6fdbe6
x-cache: Miss from cloudfront
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: oFXeIK3Jh5ynb6xPKQqkMBd4ZMbxuGE-GKbQgZGJ6ubug1bqCvMhHg==

GET
H2 200 icon
fonts.googleapis.com/ 574 B
466 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79badf5d90265492a34381241a85b38131c6400dd115aae01b3299ec5d11b3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 05:45:30 GMT
server: ESF
date: Sat, 06 Feb 2021 05:45:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 05:45:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
761 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bb68175959856eadcef304110797c7811ad9ffb3aaed182712ef2754d6ff781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 05:45:30 GMT
server: ESF
date: Sat, 06 Feb 2021 05:45:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 05:45:30 GMT

GET
H2 200 config.js Show response
idaas-cdn-prd.balglobal.com/ 278 B
619 B 470ms
469ms Script
application/x-javascript 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/config.js?1f3f666fc8d92c7c5e93
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9a6dd97d33976930738c77ac946f3aab02be60f20fd7ed5477a15d372747855d

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:31 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 25202ccb-183d-4975-bbd8-35832a9b5439
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amzn-trace-id: Root=1-601e2cfb-708b50a60fe9c945278c7ae1
x-amz-apigw-id: aTv3RGcIPHcF46g=
content-length: 278
x-amz-cf-id: ozcbdWNyvQtmzL-nW7NgSy4NV4pYLFTryDyxTlilkTi7_Vbe9rRO5g==

GET
H2 200 app.1f3f666fc8d92c7c5e93.js Show response
idaas-cdn-prd.balglobal.com/ 638 KB
639 KB 352ms
351ms Script
application/x-javascript 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3a384117bcb57b5b8590460d4345f1af12d42730c1fd3a51297891092497f459

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:31 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 93cb7dac-a71f-456b-805d-f48b8c410e29
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amzn-trace-id: Root=1-601e2cfa-650179494abfcdb00615dcb9
x-amz-apigw-id: aTv3OFeCvHcFcnw=
content-length: 653217
x-amz-cf-id: G4DQYQvrRk4rO8d-nzyDM9EZclmxveLrj8gJpe0PB83W5OsI3j7vfw==

GET
H2 200 heap-1057759589.js Show response
cdn.heapanalytics.com/js/ 105 KB
41 KB 80ms
30ms Script
application/javascript 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1057759589.js

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

150b7a983eccfe6a2a687349b7c777a27de25f4989c7bd06e22f937396881bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:43:55 GMT
content-encoding: gzip
server: nginx
age: 96
etag: W/"1a3f3-59JdUHRXV4ZopMswaO7RuQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: gKOmWdox7yonnEbF2YgMfCkh46NMUgycoGhKoISrdH4QbInusBPm9w==

GET
H2 200 CobaltLogo_SingleColor.svg
idaas-cdn-prd.balglobal.com/ 20 KB
21 KB 608ms
607ms Image
image/svg+xml 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idaas-cdn-prd.balglobal.com/CobaltLogo_SingleColor.svg
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:32 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 1fc5d9ae-4047-4ce4-afc7-dfb92dd028fe
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amzn-trace-id: Root=1-601e2cfc-3615de2e6b06d0cf19efc601
x-amz-apigw-id: aTv3hGFbPHcFcSw=
content-length: 20860
x-amz-cf-id: ybawS-i214VH8wySauBG6AkcjiaCaSI31PIYKkZnZjt-OLmx2suX8g==

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v76/ 98 KB
98 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v76/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://idaas-cdn-prd.balglobal.com
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 00:27:36 GMT
server: sffe
age: 146928
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99932
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://idaas-cdn-prd.balglobal.com
Referer: https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 91193
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:39 GMT

GET
H2 200 / Show response
cobalt2.balglobal.com/ 7 KB
3 KB 570ms
182ms Document
text/html 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

bccb04296b3c8be2513df3da2fa99e32c24272adcb2d62e41d76707fbcbdb633

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://app.powerbi.com https://.balglobal.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.heapanalytics.com https://js-agent.newrelic.com https://bam.nr-data.net pdf.js resource://pdf.js; style-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; img-src docgen2-filebrowser-prd.balglobal.com https://heapanalytics.com 'self' data:; connect-src 'self' https://.balglobal.com wss://ws-prd.balglobal.com https://*.amazonaws.com api-prd.balglobal.com docgen2-api-prd.balglobal.com api-prd.balglobal.com docgen2-api-prd.balglobal.com cobalt-docs.com heapanalytics.com https://bam.nr-data.net; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

:method: GET
:authority: cobalt2.balglobal.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:32 GMT
content-type: text/html
content-length: 2199
cache-control: max-age=0,no-store
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
accept-ranges: bytes
etag: "0154e4fdead61:0"
vary: Accept-Encoding
server: Microsoft-IIS/8.5
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; frame-src https://app.powerbi.com https://*.balglobal.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.heapanalytics.com https://js-agent.newrelic.com https://bam.nr-data.net pdf.js resource://pdf.js; style-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com 'unsafe-inline'; img-src docgen2-filebrowser-prd.balglobal.com https://heapanalytics.com 'self' data:; connect-src 'self' https://*.balglobal.com wss://ws-prd.balglobal.com https://*.amazonaws.com api-prd.balglobal.com docgen2-api-prd.balglobal.com api-prd.balglobal.com docgen2-api-prd.balglobal.com cobalt-docs.com heapanalytics.com https://bam.nr-data.net; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com data:;

GET
H2 200 maintenance.json
idaas-cdn-prd.balglobal.com/ 630 B
999 B 473ms
473ms XHR
application/json 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/maintenance.json
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:32 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 84da669b-9d3d-45fe-bbc1-521ad1e10156
x-cache: Miss from cloudfront
content-type: application/json
cache-control: private, max-age=0, no-cache
x-amzn-trace-id: Root=1-601e2cfc-0659a06423e05d2668cb69a5
x-amz-apigw-id: aTv3hH45PHcF3BQ=
content-length: 630
x-amz-cf-id: izJE0duGvJtCSUlZwIYoYmKXGBB2XaFqqOU1RMFpSJHH46BL-B32CA==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 297ms
99ms Image
image/gif 3.229.228.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1057759589&u=5801536559693785&v=2375011436774240&s=4836188030493337&b=web&tv=4.0&z=0&g=%23%2Flogin&h=%2F&d=idaas-cdn-prd.balglobal.com&t=Cobalt&ts=1612590332519&pr=%2F&st=1612590332520

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.228.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-228-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 05:45:32 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 env-build.js Show response
cobalt2.balglobal.com/config/ 3 KB
1 KB 187ms
183ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/config/env-build.js?v=244132026d953f7fbc8d

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

2cbcd08d04a3cfc496d09bce186b0806c68d6c75ad475153b3c9726253f6eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 30 Jan 2021 10:16:36 GMT
server: Microsoft-IIS/8.5
etag: "0da85fdf0f6d61:0"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 1195

GET
H2 200 oidc-client.min.js Show response
cobalt2.balglobal.com/ 353 KB
354 KB 522ms
519ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/oidc-client.min.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

1a4b72109c5aec5e529fdf161be9efdbc7f76b44a6f2f51054ffdba0f81fa6c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 361376

GET
H2 200 vendor~253ae210.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 135 KB
135 KB 355ms
352ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~253ae210.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

6c90bad7c4cb44004e147333a2f0f557ffbbe844c28c2538d468cccbddb2096a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 137933

GET
H2 200 vendor~37127547.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 1 KB
1 KB 186ms
183ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~37127547.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

e12c324a7beaa4a005fd4321129c475fc853d45a6c7ea7dd9918c2e50eeaea12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 1199

GET
H2 200 vendor~678f84af.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 1 MB
1 MB 524ms
521ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~678f84af.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

11be0c76553d52eb547d2a60eeb96c24fb7e09007777456dc052400316bc791c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 1505687

GET
H2 200 vendor~fd731fb0.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 22 KB
3 KB 187ms
184ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~fd731fb0.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

01e21892cd2ed618655e848032d0e962efaecf4ccd31cbb402f573384b205aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 2850

GET
H2 200 css~d0ae3f07.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 258 KB
259 KB 523ms
520ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/css~d0ae3f07.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

34c1ba2d6ca546864bd81a974280d2c1a63aea157dd8b46b9bd5cbc5a767b591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 264527

GET
H2 200 app~d0ae3f07.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 1 MB
712 KB 523ms
520ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/app~d0ae3f07.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

a8685f6ee494c55515c6c78459858c563fae8471735c5612236629aa55035ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 728087

GET
H2 200 react~d0ae3f07.244132026d953f7fbc8d.css
cobalt2.balglobal.com/ 70 KB
70 KB 522ms
519ms Stylesheet
text/css 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/react~d0ae3f07.244132026d953f7fbc8d.css

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

9c6697c8c775dabb23ee982f2fe93b2763f86fd2aa6c498af945dd122381afa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: text/css
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 71220

GET
H2 200 vendor~253ae210.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 2 MB
2 MB 523ms
520ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~253ae210.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

89b0c8593cdabdb2c2e1d9331abca2fdb1e29c592b88d75e4940eabbbfeee89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 2573833

GET
H2 200 vendor~37127547.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 728 KB
180 KB 522ms
519ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~37127547.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

4998ef3ab49e2d6ba5a2489c1f00a1a7ada21cc599b9d20c23a1edbbf50a2714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 183579

GET
H2 200 vendor~e4173fa2.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 18 KB
18 KB 522ms
519ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~e4173fa2.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

fdf8cdbde6918033dbd3ce77db8f74e726a37588e98ac20aceb1b8de7d7d95d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 18383

GET
H2 200 vendor~7274e1de.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 330 KB
74 KB 523ms
521ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~7274e1de.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

5136f51eb256e0ad7f2be4e4fcf79b83651e54cca47648afa55ac6b876357e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 75286

GET
H2 200 vendor~1f20a385.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 2 MB
2 MB 690ms
688ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~1f20a385.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

959095126af3d8c737fa4a39c2b10f5b3ba6ebead11d0b64adf93f4abe9334c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 2260213

GET
H2 200 vendor~678f84af.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 2 MB
387 KB 523ms
521ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~678f84af.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

93fd8476c5a3e0e9c71877a48a0158b2bd2d88479f57591d2e6159c602c36a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 395270

GET
H2 200 vendor~fd731fb0.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 755 KB
756 KB 523ms
521ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/vendor~fd731fb0.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

42a2e345122785c6c2a5f8af3612ca3a1aa26faa09059631cff8ffcef2a38222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 773489

GET
H2 200 app~d0ae3f07.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 2 MB
399 KB 522ms
521ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/app~d0ae3f07.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

4652d8ceec137710a2715972c3078faa74f4f3741dcc95540175b80fb2f1e743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 407550

GET
H2 200 react~d0ae3f07.244132026d953f7fbc8d.js Show response
cobalt2.balglobal.com/ 564 KB
565 KB 525ms
523ms Script
application/javascript 52.88.98.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalt2.balglobal.com/react~d0ae3f07.244132026d953f7fbc8d.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.98.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-98-8.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

7e3ef61342a422575dadb24661ca7a6f11b2d047e80c6e10edeca1f23e9406f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:33 GMT
last-modified: Thu, 14 Jan 2021 00:36:34 GMT
server: Microsoft-IIS/8.5
etag: "0154e4fdead61:0"
x-frame-options: DENY
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 578005

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
919 B 42ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~678f84af.244132026d953f7fbc8d.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cobalt2.balglobal.com/vendor~678f84af.244132026d953f7fbc8d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 04:49:28 GMT
server: ESF
date: Sat, 06 Feb 2021 05:45:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 05:45:34 GMT

GET
DATA 200
OK truncated
/ 55 KB
55 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ef8a93c4388d3d9dfc038f1e8e72fb17ffc69411d160851c3b7e4c994d9b4c6

Request headers

Origin: https://cobalt2.balglobal.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/ttf

OPTIONS
H2 204 connections
notification-api-prd.balglobal.com/ 0
0 239ms
179ms Other 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notification-api-prd.balglobal.com/connections

Protocol

Server

13.225.78.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://cobalt2.balglobal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 06 Feb 2021 05:45:35 GMT
x-amzn-requestid: 36f6008e-15b2-4d1e-8595-1a8d17ac153d
access-control-allow-origin: https://cobalt2.balglobal.com
strict-transport-security: max-age=2592000
access-control-allow-headers: authorization
x-amz-apigw-id: aTv38EHfvHcFr_w=
x-amzn-trace-id: Root=1-601e2cff-70566003502b21cd521e5829;Sampled=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: JIGkgjNLeNIHLkCWHqbCR1BzsFUJZ-SkmfP8Yff0tklfy2jtjcRYMA==

GET
H2 200 heap-1057759589.js Show response
cdn.heapanalytics.com/js/ 105 KB
41 KB 25ms
25ms Script
application/javascript 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1057759589.js

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/app~d0ae3f07.244132026d953f7fbc8d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

150b7a983eccfe6a2a687349b7c777a27de25f4989c7bd06e22f937396881bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:43:55 GMT
content-encoding: gzip
server: nginx
age: 100
etag: W/"1a3f3-59JdUHRXV4ZopMswaO7RuQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: rq4KeSUH5iJeqFuRX4NMqImf5yfxq9kZ0wbKyQQZCC7DM7Zvlkoh0g==

GET
H2 200 openid-configuration
idaas-api-prd.balglobal.com/.well-known/ 2 KB
2 KB 537ms
466ms XHR
application/json 13.225.78.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-api-prd.balglobal.com/.well-known/openid-configuration

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.82 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-82.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:35 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 6245be8e-6377-4758-987b-5abb683e8cba
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cobalt2.balglobal.com
x-amzn-trace-id: Root=1-601e2cff-2b2884363d2a9b74082a7a7e;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: aTv3_HM6vHcFjtg=
content-length: 2035
x-amz-cf-id: ce9LQ8UEyT1dlxn_JU04-vnDJTrx71-pS6nAi47WJBiwIuJVWmj_bw==

POST
H2 401 connections Show response
notification-api-prd.balglobal.com/ 0
472 B 228ms
179ms XHR
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://notification-api-prd.balglobal.com/connections

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json
Referer: https://cobalt2.balglobal.com/
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-amzn-remapped-www-authenticate: Bearer error="invalid_token"
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 62612c92-7027-4203-9bb1-9ca352d8f289
strict-transport-security: max-age=2592000
x-cache: Error from cloudfront
access-control-allow-origin: https://cobalt2.balglobal.com
date: Sat, 06 Feb 2021 05:45:35 GMT
access-control-allow-credentials: true
x-amz-apigw-id: aTv3_GdcvHcFmMg=
content-length: 0
x-amzn-trace-id: Root=1-601e2cff-7262ce686c18cafa0cadf7c3;Sampled=0
x-amz-cf-id: r-Be3Vt9CKT5GYpxv15TaGmNawYW8v-PKVRYeGhGlAYG-b9xWaKsuw==

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 99ms
99ms Image
image/gif 3.229.228.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1057759589&u=5801536559693785&v=3921519454028808&s=4836188030493337&b=web&tv=4.0&z=2&h=%2F&d=cobalt2.balglobal.com&ts=1612590335495&sp=ts&sp=1612590332519&sp=d&sp=idaas-cdn-prd.balglobal.com&sp=h&sp=%2F&sp=g&sp=%23%2Flogin&st=1612590335495

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.228.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-228-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cobalt2.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 05:45:35 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2

200

Primary Request / Show response
idaas-cdn-prd.balglobal.com/
Redirect Chain

https://idaas-api-prd.balglobal.com/connect/authorize?client_id=CaseApp&redirect_uri=https%3A%2F%2Fcobalt2.balglobal.com%2Fcallback.html&response_type=code&scope=openid%20profile%20cobalt.restapi.c...
https://idaas-cdn-prd.balglobal.com/

2 KB
3 KB

197ms
195ms

Document
text/html

65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-cdn-prd.balglobal.com/

Requested by

Host: cobalt2.balglobal.com
URL: https://cobalt2.balglobal.com/vendor~1f20a385.244132026d953f7fbc8d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d54e4344211293d8db8d904b2397d0d3ab2c92b6f4c7cbfb2c8d8f2fa2361cf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: idaas-cdn-prd.balglobal.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://cobalt2.balglobal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _hp2_ses_props.1057759589=%7B%22ts%22%3A1612590332519%2C%22d%22%3A%22idaas-cdn-prd.balglobal.com%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Flogin%22%7D; _hp2_id.1057759589=%7B%22userId%22%3A%225801536559693785%22%2C%22pageviewId%22%3A%223921519454028808%22%2C%22sessionId%22%3A%224836188030493337%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cobalt2.balglobal.com/

Response headers

content-type: text/html
content-length: 1773
date: Sat, 06 Feb 2021 05:45:36 GMT
x-amzn-requestid: 02c30472-5f35-4ad5-9c55-b0c7abd83374
referrer-policy: same-origin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=86400; includeSubdomains; preload
x-frame-options: deny
content-security-policy: default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
x-amz-apigw-id: aTv4HGwfvHcFaOA=
cache-control: private, max-age=0, no-cache
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-601e2d00-70fa51263e54dfb549d64438
x-cache: Miss from cloudfront
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9b5aCaT6C2XPQTXB2yGgptnxPrZBlkXsSnGZFMGswtlGTwWzTZBeqg==

Redirect headers

content-length: 0
location: https://idaas-cdn-prd.balglobal.com/#/login?ReturnUrl=https%3A%2F%2Fidaas-api-prd.balglobal.com%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DCaseApp%26code_challenge%3DQV78YKNcNho_C2Npph7YmB6A086RXjO8FS3EYAUvX9s%26code_challenge_method%3DS256%26redirect_uri%3Dhttps%253A%252F%252Fcobalt2.balglobal.com%252Fcallback.html%26response_mode%3Dquery%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520cobalt.restapi.casemanagement%2520cobalt.restapi.docgen%2520idaas%2520offline_access%2520custom.profile%2520documents-api-read%2520documents-api-write%2520notification-api-manage%2520bb.billing-api%26state%3D4673cdecb6044da3aa07510369ddf99a
date: Sat, 06 Feb 2021 05:45:36 GMT
x-amzn-requestid: 2743541c-06f1-4dd3-93ee-d0e6c45359b4
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-apigw-id: aTv4FHa3PHcFXpQ=
x-amzn-trace-id: Root=1-601e2d00-240a421754f07eee72e12b69;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 0x6xIoQvXEEi_gQLivK2_Lc-3UsxOeCtzPTm5TiMS8zZLv05lwDpiA==

GET
H3-Q050 200 icon
fonts.googleapis.com/ 574 B
438 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79badf5d90265492a34381241a85b38131c6400dd115aae01b3299ec5d11b3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 05:45:36 GMT
server: ESF
date: Sat, 06 Feb 2021 05:45:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 05:45:36 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
710 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bb68175959856eadcef304110797c7811ad9ffb3aaed182712ef2754d6ff781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 05:45:36 GMT
server: ESF
date: Sat, 06 Feb 2021 05:45:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 05:45:36 GMT

GET
H2 200 config.js Show response
idaas-cdn-prd.balglobal.com/ 278 B
619 B 203ms
201ms Script
application/x-javascript 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/config.js?1f3f666fc8d92c7c5e93
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9a6dd97d33976930738c77ac946f3aab02be60f20fd7ed5477a15d372747855d

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:36 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: b9ce92df-04d9-4078-ac48-18930d445dbc
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amzn-trace-id: Root=1-601e2d00-590b8cb77c32c2321ec4a613
x-amz-apigw-id: aTv4JHNcPHcF7Kw=
content-length: 278
x-amz-cf-id: nitjc0AKweuT4MlxJlnunO6mFnoErmS-xJXdT-Fzr-NNwQiMvd3mBA==

GET
H2 200 app.1f3f666fc8d92c7c5e93.js Show response
idaas-cdn-prd.balglobal.com/ 638 KB
639 KB 626ms
625ms Script
application/x-javascript 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3a384117bcb57b5b8590460d4345f1af12d42730c1fd3a51297891092497f459

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:37 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 4840d149-c722-4266-9bcf-c5485dadb78e
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amzn-trace-id: Root=1-601e2d01-75d7f4143b3252ca7d1e79c0
x-amz-apigw-id: aTv4MEZePHcFqAw=
content-length: 653217
x-amz-cf-id: 22ggFDEzYmSxlxFtn4aBdYoG8eyVMPabXIOWtC6v5L27yMwVq-BRng==

GET
H2 200 heap-1057759589.js Show response
cdn.heapanalytics.com/js/ 105 KB
41 KB 24ms
23ms Script
application/javascript 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1057759589.js

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

150b7a983eccfe6a2a687349b7c777a27de25f4989c7bd06e22f937396881bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:43:55 GMT
content-encoding: gzip
server: nginx
age: 101
etag: W/"1a3f3-59JdUHRXV4ZopMswaO7RuQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: xJQoxumNAINkJRTt-wy079lo2Qdc5zu--nW-n5PMgrwXpsdRiVlbZw==

GET
H2 200 CobaltLogo_SingleColor.svg
idaas-cdn-prd.balglobal.com/ 20 KB
21 KB 611ms
610ms Image
image/svg+xml 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idaas-cdn-prd.balglobal.com/CobaltLogo_SingleColor.svg
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 073e1c3f4b629289ada7b6c55d150a868977ae3d9db53ccc28c5b3c1854906e2

Request headers

Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:38 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 89e602bf-2115-480b-96d1-785daf2eaa25
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amzn-trace-id: Root=1-601e2d02-2edf606f7c66523714025f21
x-amz-apigw-id: aTv4YEiDvHcF2VA=
content-length: 20860
x-amz-cf-id: Fo8JQoqEZbzHhMsnxAko7cm0TArrt6eamXiSLdjM_H4hiJ9tMa-HvA==

GET
H3-Q050 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v76/ 98 KB
98 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v76/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49ed6881b7532f6fd5a5714d27dc4beb4354ae8f54132cd77340dd1b149e4c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://idaas-cdn-prd.balglobal.com
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 00:27:36 GMT
server: sffe
age: 146933
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99932
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://idaas-cdn-prd.balglobal.com
Referer: https://fonts.googleapis.com/css?family=Aref+Ruqaa|Mirza|Roboto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 91198
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:39 GMT

GET
H2 200 maintenance.json Show response
idaas-cdn-prd.balglobal.com/ 630 B
997 B 467ms
467ms XHR
application/json 65.9.58.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idaas-cdn-prd.balglobal.com/maintenance.json
Requested by: Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/app.1f3f666fc8d92c7c5e93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c28292e0cd69de49770226c8201965d126c1b507e7f894bce7098b78e12a258e

Request headers

Accept: application/json, text/plain, */*
Referer: https://idaas-cdn-prd.balglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:45:38 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 7ded819a-a141-4ae3-8a0f-ea4aa63427e4
x-cache: Miss from cloudfront
content-type: application/json
cache-control: private, max-age=0, no-cache
x-amzn-trace-id: Root=1-601e2d02-311f6e51464875d962088207
x-amz-apigw-id: aTv4YF33vHcFlJA=
content-length: 630
x-amz-cf-id: 0JiFiEJIbcYaVmovRbPBWTsaoC-m_qmDjVdc8vjr-H0MyDpbQ73LSQ==

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 99ms
98ms Image
image/gif 3.229.228.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1057759589&u=5801536559693785&v=3425308209981195&s=4836188030493337&b=web&tv=4.0&z=2&g=%23%2Flogin%3FReturnUrl%3Dhttps%253A%252F%252Fidaas-api-prd.balglobal.com%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253DCaseApp%2526code_challenge%253DQV78YKNcNho_C2Npph7YmB6A086RXjO8FS3EYAUvX9s%2526code_challenge_method%253DS256%2526redirect_uri%253Dhttps%25253A%25252F%25252Fcobalt2.balglobal.com%25252Fcallback.html%2526response_mode%253Dquery%2526response_type%253Dcode%2526scope%253Dopenid%252520profile%252520cobalt.restapi.casemanagement%252520cobalt.restapi.docgen%252520idaas%252520offline_access%252520custom.profile%252520documents-api-read%252520documents-api-write%252520notification-api-manage%252520bb.billing-api%2526state%253D4673cdecb6044da3aa07510369ddf99a&h=%2F&d=idaas-cdn-prd.balglobal.com&t=Cobalt&r=https%3A%2F%2Fcobalt2.balglobal.com%2F&ts=1612590338014&sp=ts&sp=1612590332519&sp=d&sp=idaas-cdn-prd.balglobal.com&sp=h&sp=%2F&sp=g&sp=%23%2Flogin&st=1612590338015

Requested by

Host: idaas-cdn-prd.balglobal.com
URL: https://idaas-cdn-prd.balglobal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.228.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-228-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 05:45:38 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.balglobal.com/	1970-01-20 01:24:27	Name: _hp2_id.1057759589 Value: %7B%22userId%22%3A%225801536559693785%22%2C%22pageviewId%22%3A%223425308209981195%22%2C%22sessionId%22%3A%224836188030493337%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.balglobal.com/	1970-01-19 15:56:32	Name: _hp2_ses_props.1057759589 Value: %7B%22ts%22%3A1612590332519%2C%22d%22%3A%22idaas-cdn-prd.balglobal.com%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Flogin%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cobalt2.balglobal.com/(Line 61) Message: ReferenceError: $window is not defined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src https://idaas-api-prd.balglobal.com https://idaas-cdn-prd.balglobal.com ; img-src https://heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'self' data:; frame-src www.google.com; script-src 'self' https://cdn.heapanalytics.com https://recaptcha.net https://www.gstatic.com https://www.google.com/ 'unsafe-inline'; style-src https: 'unsafe-inline'; object-src 'none'; font-src https:;
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cobalt2.balglobal.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
idaas-api-prd.balglobal.com
idaas-cdn-prd.balglobal.com
notification-api-prd.balglobal.com
13.225.78.129
13.225.78.82
13.225.78.89
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
3.229.228.113
52.88.98.8
65.9.58.24
01e21892cd2ed618655e848032d0e962efaecf4ccd31cbb402f573384b205aae
073e1c3f4b629289ada7b6c55d150a868977ae3d9db53ccc28c5b3c1854906e2
11be0c76553d52eb547d2a60eeb96c24fb7e09007777456dc052400316bc791c
150b7a983eccfe6a2a687349b7c777a27de25f4989c7bd06e22f937396881bd3
1a4b72109c5aec5e529fdf161be9efdbc7f76b44a6f2f51054ffdba0f81fa6c4
2cbcd08d04a3cfc496d09bce186b0806c68d6c75ad475153b3c9726253f6eaf7
34c1ba2d6ca546864bd81a974280d2c1a63aea157dd8b46b9bd5cbc5a767b591
3a384117bcb57b5b8590460d4345f1af12d42730c1fd3a51297891092497f459
42a2e345122785c6c2a5f8af3612ca3a1aa26faa09059631cff8ffcef2a38222
4652d8ceec137710a2715972c3078faa74f4f3741dcc95540175b80fb2f1e743
4998ef3ab49e2d6ba5a2489c1f00a1a7ada21cc599b9d20c23a1edbbf50a2714
49ed6881b7532f6fd5a5714d27dc4beb4354ae8f54132cd77340dd1b149e4c98
5136f51eb256e0ad7f2be4e4fcf79b83651e54cca47648afa55ac6b876357e8e
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6c90bad7c4cb44004e147333a2f0f557ffbbe844c28c2538d468cccbddb2096a
79badf5d90265492a34381241a85b38131c6400dd115aae01b3299ec5d11b3f5
7e3ef61342a422575dadb24661ca7a6f11b2d047e80c6e10edeca1f23e9406f6
7ef8a93c4388d3d9dfc038f1e8e72fb17ffc69411d160851c3b7e4c994d9b4c6
89b0c8593cdabdb2c2e1d9331abca2fdb1e29c592b88d75e4940eabbbfeee89e
93fd8476c5a3e0e9c71877a48a0158b2bd2d88479f57591d2e6159c602c36a8b
959095126af3d8c737fa4a39c2b10f5b3ba6ebead11d0b64adf93f4abe9334c0
9a6dd97d33976930738c77ac946f3aab02be60f20fd7ed5477a15d372747855d
9bb68175959856eadcef304110797c7811ad9ffb3aaed182712ef2754d6ff781
9c6697c8c775dabb23ee982f2fe93b2763f86fd2aa6c498af945dd122381afa0
a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942
a8685f6ee494c55515c6c78459858c563fae8471735c5612236629aa55035ee3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bccb04296b3c8be2513df3da2fa99e32c24272adcb2d62e41d76707fbcbdb633
c28292e0cd69de49770226c8201965d126c1b507e7f894bce7098b78e12a258e
d54e4344211293d8db8d904b2397d0d3ab2c92b6f4c7cbfb2c8d8f2fa2361cf8
e12c324a7beaa4a005fd4321129c475fc853d45a6c7ea7dd9918c2e50eeaea12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fdf8cdbde6918033dbd3ce77db8f74e726a37588e98ac20aceb1b8de7d7d95d3

idaas-cdn-prd.balglobal.com Open in urlscan Pro 65.9.58.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

25 %IPv6

4 Domains

8 Subdomains

9 IPs

2 Countries

11845 kBTransfer

17118 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

idaas-cdn-prd.balglobal.com Open in urlscan Pro
65.9.58.24 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

9
IPs

2
Countries

11845 kB
Transfer

17118 kB
Size

2
Cookies

47 HTTP transactions
1 data transactions