www.ruthballantyne.com
52.170.197.133
Public Scan
Effective URL: https://www.ruthballantyne.com/referrals_help
Submission: On January 17 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.
This is the only time www.ruthballantyne.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 40.76.50.119 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 12 | 52.170.197.133 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2607:f8b0:4004:c19::5f | 15169 (GOOGLE) |
5 | 3.223.193.129 | 14618 (AMAZON-AES) |
2 | 2a03:2880:f012:8:face:b00c:0:1 | 32934 (FACEBOOK) |
1 | 2607:f8b0:4006:822::2003 | 15169 (GOOGLE) |
1 | 2a03:2880:f112:83:face:b00c:0:25de | 32934 (FACEBOOK) |
20 | 6 |
ASN | Hostnames |
---|---|
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | www.rbreferralrewards.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | ruthballantyne.com, www.ruthballantyne.com |
ASN14618 (AMAZON-AES, US), PTR: ec2-3-223-193-129.compute-1.amazonaws.com | widgetbe.com |
ASN32934 (FACEBOOK, US) | connect.facebook.net |
ASN32934 (FACEBOOK, US) | www.facebook.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | ruthballantyne.com (2 redirects): ruthballantyne.com, www.ruthballantyne.com | 685 KB |
5 | widgetbe.com: widgetbe.com — Cisco Umbrella Rank: 134384 | 274 KB |
2 | facebook.net: connect.facebook.net — Cisco Umbrella Rank: 174 | 91 KB |
1 | facebook.com: www.facebook.com — Cisco Umbrella Rank: 107 | 185 B |
1 | gstatic.com: fonts.gstatic.com | 48 KB |
1 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 28 | 2 KB |
1 | rbreferralrewards.com (1 redirects): www.rbreferralrewards.com | 244 B |
20 | 7 |
 | Domain | Requested by |
---|---|---|
11 | www.ruthballantyne.com | 1 redirects, www.ruthballantyne.com |
5 | widgetbe.com | www.ruthballantyne.com, widgetbe.com |
2 | connect.facebook.net | www.ruthballantyne.com, connect.facebook.net |
1 | www.facebook.com | www.ruthballantyne.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | www.ruthballantyne.com |
1 | ruthballantyne.com | 1 redirects |
1 | www.rbreferralrewards.com | 1 redirects |
20 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
maps.google.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ruthballantyne.com | R3 | 2023-11-30 - 2024-02-28 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
widgetbe.com | Amazon RSA 2048 M01 | 2023-10-05 - 2024-11-03 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-27 - 2024-01-25 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.ruthballantyne.com/referrals_help
Frame ID: 80B997CE371D31F44B996793258A10B8
Requests: 18 HTTP requests in this frame
Frame:
https://widgetbe.com/widget
Frame ID: 9FC3C10579E3200C88582C78B3923427
Requests: 2 HTTP requests in this frame
Page Title
Your Referrals Help the Children
Detected technologies
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 391 Main St. North, Brampton ON L6X 1N7
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.rbreferralrewards.com/ HTTP 302
- http://ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
- https://www.ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
- https://www.ruthballantyne.com/referrals_help Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | referrals_help www.ruthballantyne.com/ (Primary Request, Redirect Chain) | 39 KB 13 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 11 KB 2 KB | Stylesheet text/css |
GET H2 | styles www.ruthballantyne.com/bundles/hdx/srem1/ | 266 KB 61 KB | Stylesheet text/css |
GET H2 | scripts www.ruthballantyne.com/bundles/hdx/srem1/ | 275 KB 108 KB | Script text/javascript |
GET H2 | Headshot_Ruth.png www.ruthballantyne.com/MyFiles/ | 94 KB 94 KB | Image image/png |
GET H2 | referrals_help.jpg www.ruthballantyne.com/share/images/nb/ENG/ | 64 KB 64 KB | Image image/jpeg |
GET H2 | Headshot_Ruth.png www.ruthballantyne.com/myFiles/ | 94 KB 94 KB | Image image/png |
GET H2 | agent widgetbe.com/ | 78 KB 78 KB | Script application/javascript |
GET H2 | fbevents.js connect.facebook.net/en_US/ | 212 KB 57 KB | Script application/x-javascript |
GET H2 | 20th_main_banner.jpg www.ruthballantyne.com/content/hdx/srem1/img/ | 186 KB 187 KB | Image image/jpeg |
GET H2 | fontawesome-webfont.woff2 www.ruthballantyne.com/content/common/fonts/ | 63 KB 63 KB | Font application/font-woff2 |
GET H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/ | 47 KB 48 KB | Font font/woff2 |
GET H2 | getkey www.ruthballantyne.com/api/general/ | 144 B 363 B | XHR text/html |
GET H2 | getkey www.ruthballantyne.com/api/general/ | 144 B 340 B | XHR text/html |
GET H2 | 223043136026004 connect.facebook.net/signals/config/ | 131 KB 34 KB | Script application/x-javascript |
POST H2 | config widgetbe.com/ | 238 B 572 B | XHR application/json |
GET H2 | / www.facebook.com/tr/ | 0 185 B | Image text/plain |
GET H2 | widget widgetbe.com/ Frame 9FC3 | 173 KB 174 KB | Script application/javascript |
POST H2 | pages widgetbe.com/ | 0 325 B | XHR text/html |
GET H2 | proximanova-regular-webfont.woff2 widgetbe.com/fonts/ Frame 9FC3 | 21 KB 21 KB | Font font/woff2 |
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | showPopup |
function | submitPopupForm |
function | lazyloadListingImages |
function | lazyloadImages |
function | showListings |
function | showLocationError |
function | sendVerify |
function | submitVerifyPopupForm |
function | createMyListingsNL |
function | createMyListings |
function | getParameterByName |
function | $ |
function | jQuery |
object | jQuery1124004269674910986532 |
boolean | au_tika |
function | sharePageViaEmail |
object | hiddenForm |
string | WidgetTrackerObject |
function | widgetTracker |
function | fbq |
function | _fbq |
object | regeneratorRuntime |
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.rbreferralrewards.com/ | | Name: ASP.NET_SessionId Value: dn3oyqnzmr3ptu2ewdya5eva |
www.ruthballantyne.com/ | | Name: ASP.NET_SessionId Value: wwojjcmq0c1gxjsgedsruua5 |
www.ruthballantyne.com/ | | Name: lang Value: ENG |
.ruthballantyne.com/ | | Name: SwsHit Value: 1 |
.ruthballantyne.com/ | | Name: T0 Value: 712662728656626572752616c77265776157264732e3636f6d |
.ruthballantyne.com/ | | Name: T1 Value: 712662728656626572752616c77265776157264732e3636f6d |
.ruthballantyne.com/ | | Name: _fbp Value: fb.1.1705527665975.743589979 |
.ruthballantyne.com/ | | Name: WidgetTrackerCookie Value: fd952bfb-60bb-4e1e-b510-dc4660a68589 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.