www.ruthballantyne.com Open in urlscan Pro
52.170.197.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rbreferralrewards.com/
Effective URL:
https://www.ruthballantyne.com/referrals_help
Submission: On January 17 via api (January 17th 2024, 9:41:10 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 20 HTTP transactions. The main IP is 52.170.197.133, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.ruthballantyne.com.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.

This is the only time www.ruthballantyne.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	40.76.50.119 40.76.50.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 12	52.170.197.133 52.170.197.133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
5	3.223.193.129 3.223.193.129	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
20	6

1 40.76.50.119 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.rbreferralrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.170.197.133 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ruthballantyne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ruthballantyne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.223.193.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-193-129.compute-1.amazonaws.com

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ruthballantyne.com 2 redirects ruthballantyne.com www.ruthballantyne.com	685 KB
5	widgetbe.com widgetbe.com — Cisco Umbrella Rank: 134384	274 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	91 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	rbreferralrewards.com 1 redirects www.rbreferralrewards.com	244 B
20	7

	Domain	Requested by
11	www.ruthballantyne.com	1 redirects www.ruthballantyne.com
5	widgetbe.com	www.ruthballantyne.com widgetbe.com
2	connect.facebook.net	www.ruthballantyne.com connect.facebook.net
1	www.facebook.com	www.ruthballantyne.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.ruthballantyne.com
1	ruthballantyne.com	1 redirects
1	www.rbreferralrewards.com	1 redirects
20	8

This site contains links to these domains. Also see Links.

Domain
maps.google.com

Subject Issuer	Validity	Valid
ruthballantyne.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
widgetbe.com Amazon RSA 2048 M01	`2023-10-05` - `2024-11-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.ruthballantyne.com/referrals_help
Frame ID: 80B997CE371D31F44B996793258A10B8
Requests: 18 HTTP requests in this frame

Frame: https://widgetbe.com/widget
Frame ID: 9FC3C10579E3200C88582C78B3923427
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your Referrals Help the Children

Page URL History Show full URLs

https://www.rbreferralrewards.com/ HTTP 302
http://ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
https://www.ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
https://www.ruthballantyne.com/referrals_help Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

1100 kB
Transfer

1754 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.google.com/?q=391%20Main%20St.%20North,%20Brampton%20ON%20L6X%201N7
Title: 391 Main St. North, Brampton ON L6X 1N7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rbreferralrewards.com/ HTTP 302
http://ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
https://www.ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help HTTP 302
https://www.ruthballantyne.com/referrals_help Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request referrals_help Show response
www.ruthballantyne.com/
Redirect Chain

https://www.rbreferralrewards.com/
http://ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help
https://www.ruthballantyne.com/redir.asp?T=rbreferralrewards.com&page=referrals_help
https://www.ruthballantyne.com/referrals_help

39 KB
13 KB

110ms
110ms

Document
text/html

52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4a57825563dc335d80f6a97eb17274aa21a5ec0b010f8b675cbc8e21ac9aa6c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=1200
content-encoding: gzip
content-length: 12879
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:41:04 GMT
expires: Wed, 17 Jan 2024 22:01:05 GMT
last-modified: Wed, 17 Jan 2024 21:41:05 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

Redirect headers

cache-control: private
content-length: 132
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:41:04 GMT
location: /referrals_help
server: Microsoft-IIS/10.0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 190ms
68ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1394881b000e5c2bca37e77a30fe205f14f7566cb43df1f4e98a28a90a115f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 21:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 19:50:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 21:41:05 GMT

GET
H2 200 styles
www.ruthballantyne.com/bundles/hdx/srem1/ 266 KB
61 KB 187ms
186ms Stylesheet
text/css 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/bundles/hdx/srem1/styles?v=SkG1NJQj8lh8gaHaoXPyYwUXKlDiPBu5qWxbiV_YQtI1
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0d70d3617076f597b221c25014efb5e34c7374d6da36ea57edc79dcb951817a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:04 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 21:41:05 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public
content-length: 62671
expires: Thu, 16 Jan 2025 21:41:05 GMT

GET
H2 200 scripts Show response
www.ruthballantyne.com/bundles/hdx/srem1/ 275 KB
108 KB 68ms
66ms Script
text/javascript 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/bundles/hdx/srem1/scripts?v=Av7RhmRbgOY3NyuCsiHd-xBhHSv983b0SNgpnlsrgtU1
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 137e44b07200df1f149d63e31f787016a4279b1c5b9fb78ef14fcb08efb5560e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:04 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 21:41:05 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 16 Jan 2025 21:41:05 GMT

GET
H2 200 Headshot_Ruth.png
www.ruthballantyne.com/MyFiles/ 94 KB
94 KB 248ms
247ms Image
image/png 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ruthballantyne.com/MyFiles/Headshot_Ruth.png
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7396278435b504479c4b09b4879e10d792fe108f939a9f09ad4e50e2295bb455

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 21:41:05 GMT
date: Wed, 17 Jan 2024 21:41:04 GMT
cache-control: private, max-age=2592000
server: Microsoft-IIS/10.0
content-length: 96033
content-type: image/png

GET
H2 200 referrals_help.jpg
www.ruthballantyne.com/share/images/nb/ENG/ 64 KB
64 KB 306ms
305ms Image
image/jpeg 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ruthballantyne.com/share/images/nb/ENG/referrals_help.jpg
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 79de61bb95413117d5cd1ceccad448d9d3d7a45f60bad6d92e85e6281db18c36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:04 GMT
last-modified: Mon, 25 May 2015 21:33:34 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "ffb544743297d01:0"
content-length: 65136
content-type: image/jpeg

GET
H2 200 Headshot_Ruth.png
www.ruthballantyne.com/myFiles/ 94 KB
94 KB 76ms
76ms Image
image/png 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ruthballantyne.com/myFiles/Headshot_Ruth.png
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7396278435b504479c4b09b4879e10d792fe108f939a9f09ad4e50e2295bb455

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 21:41:05 GMT
date: Wed, 17 Jan 2024 21:41:05 GMT
cache-control: private, max-age=2592000
server: Microsoft-IIS/10.0
content-length: 96033
content-type: image/png

GET
H2 200 agent Show response
widgetbe.com/ 78 KB
78 KB 254ms
64ms Script
application/javascript 3.223.193.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/agent
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.193.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-193-129.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 / PHP/8.1.23
Resource Hash: 486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:05 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
x-powered-by: PHP/8.1.23
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
expires: Thu, 16 Jan 2025 21:41:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 205ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 21:41:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: yyoCV9UxbWtEojhwArDCjHb3Q2Eas6olkMBxbzf/KPZAK0OQXMbTm+a4bO1JqFFCqC7AbaUNrPcVIzbH+XXKZQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 20th_main_banner.jpg
www.ruthballantyne.com/content/hdx/srem1/img/ 186 KB
187 KB 66ms
66ms Image
image/jpeg 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ruthballantyne.com/content/hdx/srem1/img/20th_main_banner.jpg
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 09f384a0db68af149bd7d714c6c63ad2695db25708e5a8f6edf33dc4fbad2ed1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/referrals_help
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:05 GMT
last-modified: Tue, 16 Jan 2024 18:49:30 GMT
server: Microsoft-IIS/10.0
etag: "059cdbcac48da1:0"
content-type: image/jpeg
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 190824

GET
H2 200 fontawesome-webfont.woff2
www.ruthballantyne.com/content/common/fonts/ 63 KB
63 KB 67ms
66ms Font
application/font-woff2 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/content/common/fonts/fontawesome-webfont.woff2
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/bundles/hdx/srem1/styles?v=SkG1NJQj8lh8gaHaoXPyYwUXKlDiPBu5qWxbiV_YQtI1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://www.ruthballantyne.com/bundles/hdx/srem1/styles?v=SkG1NJQj8lh8gaHaoXPyYwUXKlDiPBu5qWxbiV_YQtI1
Origin: https://www.ruthballantyne.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:05 GMT
last-modified: Tue, 16 Jan 2024 18:49:30 GMT
server: Microsoft-IIS/10.0
etag: "059cdbcac48da1:0"
content-type: application/font-woff2
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 64464

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 214ms
65ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ruthballantyne.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:26:11 GMT
x-content-type-options: nosniff
age: 72894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:26:11 GMT

GET
H2 200 getkey Show response
www.ruthballantyne.com/api/general/ 144 B
363 B 93ms
92ms XHR
text/html 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/api/general/getkey
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/bundles/hdx/srem1/scripts?v=Av7RhmRbgOY3NyuCsiHd-xBhHSv983b0SNgpnlsrgtU1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8db0720b729be8de74ed3e96c8e6a59241f73f2d6353676fcba46dca6f055441

Request headers

Accept: */*
Referer: https://www.ruthballantyne.com/referrals_help
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 21:41:05 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: -1

GET
H2 200 getkey Show response
www.ruthballantyne.com/api/general/ 144 B
340 B 91ms
91ms XHR
text/html 52.170.197.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ruthballantyne.com/api/general/getkey
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/bundles/hdx/srem1/scripts?v=Av7RhmRbgOY3NyuCsiHd-xBhHSv983b0SNgpnlsrgtU1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.170.197.133 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8db0720b729be8de74ed3e96c8e6a59241f73f2d6353676fcba46dca6f055441

Request headers

Accept: */*
Referer: https://www.ruthballantyne.com/referrals_help
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 21:41:05 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: -1

GET
H2 200 223043136026004 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 126ms
125ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/223043136026004?v=2.9.140&r=stable&domain=www.ruthballantyne.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49ad5b1d681fda63a5ade59a1a319797e09fa637f2cc2831bb3b435683f7be98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 21:41:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: m5E1Wz4CCQe4UuhwMj/ovAVN/bdDuVoTA7UwN7P2jukScjVZ06tgLAthuXqzF1oYpuiwhbQZ34Rk/Fzjcf8HXg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 config Show response
widgetbe.com/ 238 B
572 B 209ms
93ms XHR
application/json 3.223.193.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/config
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.193.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-193-129.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 / PHP/8.1.23
Resource Hash: 837fb7eee0ff6621348d07e1d2b001893bed1764ab353f3d63c1cf637e2e3049

Request headers

Referer: https://www.ruthballantyne.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Jan 2024 21:41:06 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
x-powered-by: PHP/8.1.23
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 198ms
65ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=223043136026004&ev=PageView&dl=https%3A%2F%2Fwww.ruthballantyne.com%2Freferrals_help&rl=&if=false&ts=1705527665976&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705527665975.743589979&ler=empty&it=1705527665816&coo=false&rqm=GET

Requested by

Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jan 2024 21:41:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 widget Show response
widgetbe.com/ Frame 9FC3 173 KB
174 KB 81ms
80ms Script
application/javascript 3.223.193.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/widget
Requested by: Host: www.ruthballantyne.com
URL: https://www.ruthballantyne.com/referrals_help
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.193.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-193-129.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 / PHP/8.1.23
Resource Hash: 27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ruthballantyne.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:06 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
x-powered-by: PHP/8.1.23
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
expires: Thu, 16 Jan 2025 21:41:06 GMT

POST
H2 200 pages Show response
widgetbe.com/ 0
325 B 130ms
129ms XHR
text/html 3.223.193.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/pages
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.193.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-193-129.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 / PHP/8.1.23
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ruthballantyne.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Jan 2024 21:41:06 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
x-powered-by: PHP/8.1.23
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
content-length: 0

GET
H2 200 proximanova-regular-webfont.woff2
widgetbe.com/fonts/ Frame 9FC3 21 KB
21 KB 59ms
58ms Font
font/woff2 3.223.193.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/fonts/proximanova-regular-webfont.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.193.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-193-129.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 /
Resource Hash: b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Request headers

Referer: https://www.ruthballantyne.com/
Origin: https://www.ruthballantyne.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:41:06 GMT
last-modified: Tue, 05 Dec 2023 15:13:14 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
etag: "54c4-60bc4ac6ec236"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 21700
expires: Thu, 16 Jan 2025 21:41:06 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rbreferralrewards.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dn3oyqnzmr3ptu2ewdya5eva
www.ruthballantyne.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wwojjcmq0c1gxjsgedsruua5
www.ruthballantyne.com/	1969-12-31 23:59:59	Name: lang Value: ENG
.ruthballantyne.com/	1970-01-20 17:46:54	Name: SwsHit Value: 1
.ruthballantyne.com/	1970-01-20 17:46:54	Name: T0 Value: 712662728656626572752616c77265776157264732e3636f6d
.ruthballantyne.com/	1970-01-20 22:04:39	Name: T1 Value: 712662728656626572752616c77265776157264732e3636f6d
.ruthballantyne.com/	1970-01-20 19:55:03	Name: _fbp Value: fb.1.1705527665975.743589979
.ruthballantyne.com/	1970-01-21 03:21:27	Name: WidgetTrackerCookie Value: fd952bfb-60bb-4e1e-b510-dc4660a68589

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgetbe.com/agent Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ruthballantyne.com
widgetbe.com
www.facebook.com
www.rbreferralrewards.com
www.ruthballantyne.com
2607:f8b0:4004:c19::5f
2607:f8b0:4006:822::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.223.193.129
40.76.50.119
52.170.197.133
09f384a0db68af149bd7d714c6c63ad2695db25708e5a8f6edf33dc4fbad2ed1
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0d70d3617076f597b221c25014efb5e34c7374d6da36ea57edc79dcb951817a3
137e44b07200df1f149d63e31f787016a4279b1c5b9fb78ef14fcb08efb5560e
1394881b000e5c2bca37e77a30fe205f14f7566cb43df1f4e98a28a90a115f33
27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136
49ad5b1d681fda63a5ade59a1a319797e09fa637f2cc2831bb3b435683f7be98
4a57825563dc335d80f6a97eb17274aa21a5ec0b010f8b675cbc8e21ac9aa6c8
7396278435b504479c4b09b4879e10d792fe108f939a9f09ad4e50e2295bb455
79de61bb95413117d5cd1ceccad448d9d3d7a45f60bad6d92e85e6281db18c36
837fb7eee0ff6621348d07e1d2b001893bed1764ab353f3d63c1cf637e2e3049
8db0720b729be8de74ed3e96c8e6a59241f73f2d6353676fcba46dca6f055441
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.ruthballantyne.com Open in urlscan Pro 52.170.197.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

6 IPs

1 Countries

1100 kBTransfer

1754 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

www.ruthballantyne.com Open in urlscan Pro
52.170.197.133 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

1100 kB
Transfer

1754 kB
Size

8
Cookies

20 HTTP transactions
0 data transactions