balanced.plus Open in urlscan Pro
104.19.154.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securelinks.ca/
Effective URL:
https://balanced.plus/
Submission: On July 04 via automatic, source certstream-suspicious (July 4th 2024, 8:07:39 am UTC) — Scanned from CA

Summary HTTP 60 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 60 HTTP transactions. The main IP is 104.19.154.92, located in and belongs to CLOUDFLARENET, US. The main domain is balanced.plus.
TLS certificate: Issued by WE1 on June 22nd 2024. Valid for: 3 months.

This is the only time balanced.plus was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	104.19.154.92 104.19.154.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.75.69.192 54.75.69.192	16509 (AMAZON-02) (AMAZON-02)
1	99.84.108.122 99.84.108.122	16509 (AMAZON-02) (AMAZON-02)
11	142.251.163.106 142.251.163.106	15169 (GOOGLE) (GOOGLE)
3	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
1	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
1	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
2	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
2	142.251.179.94 142.251.179.94	15169 (GOOGLE) (GOOGLE)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	12

30 104.19.154.92 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

securelinks.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
balanced.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.75.69.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-69-192.eu-west-1.compute.amazonaws.com

obseu.bzcclandlord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.108.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-122.iad79.r.cloudfront.net

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.163.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	balanced.plus balanced.plus	1 MB
11	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 7464	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	292 KB
3	bzcclandlord.com obseu.bzcclandlord.com — Cisco Umbrella Rank: 143361	39 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5175	2 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8928	128 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71
1	gstatic.com www.gstatic.com	212 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 14060	43 KB
1	securelinks.ca 1 redirects securelinks.ca	212 B
60	12

	Domain	Requested by
29	balanced.plus	balanced.plus
11	www.google.com	balanced.plus www.gstatic.com
3	js.zi-scripts.com	balanced.plus js.zi-scripts.com
3	www.googletagmanager.com	balanced.plus www.googletagmanager.com
3	obseu.bzcclandlord.com	balanced.plus obseu.bzcclandlord.com
2	ws.zoominfo.com	js.zi-scripts.com
2	www.google.ca	balanced.plus
2	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.clickcease.com	balanced.plus
1	securelinks.ca	1 redirects
60	12

This site contains links to these domains. Also see Links.

Domain
www.maximizer.com
www.zendesk.com
azure.microsoft.com
www.oracle.com
dotnet.microsoft.com
www.systemx.net
www.lush.com
www.matcor-matsu.com
www.centerragold.com
www.cccu.ca
www.aluminumwindowdesigns.com
stscapital.com
www.linkedin.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
balanced.plus WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.bzcclandlord.com ZeroSSL ECC Domain Secure Site CA	`2024-05-25` - `2024-08-23`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.ca WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
zoominfo.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://balanced.plus/
Frame ID: 4CB7DEF58A5EE6B66693CF687E538C54
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=qnwas5ukian
Frame ID: E7DF70F11482778B7A6ACB095E431D51
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=cje0sqvr86ui
Frame ID: 99FB3429DD825921BCE3839B4BA5EE99
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=650h1fei3h5d
Frame ID: 775B36520AC08ACF0E7D6DAD01EAB6A6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=c3322qiowg4b
Frame ID: CB6281E66894BACD2A174C43878C9712
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW
Frame ID: 9BB09D5D713FC5474AFE78759779A112
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW
Frame ID: 1F5CB3739DC9C8B2A63707A5F4464477
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW
Frame ID: 1E1BC8FCE002712CF2B980080D493FBB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW
Frame ID: 2280F595D38DFE9E08A8C8ED9EBDF6F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IT Consulting & Business Strategy | BALANCED+

Page URL History Show full URLs

https://securelinks.ca/ HTTP 301
https://balanced.plus/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

60
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

1946 kB
Transfer

3680 kB
Size

10
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.maximizer.com/
Title: MaximizerCRM

Search URL Search Domain Scan URL

URL: https://www.zendesk.com/
Title: ZenDesk

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-ca
Title: Azure

Search URL Search Domain Scan URL

URL: https://www.oracle.com/ca-en/database/
Title: Oracle

Search URL Search Domain Scan URL

URL: https://dotnet.microsoft.com/
Title: Microsoft .Net

Search URL Search Domain Scan URL

URL: https://www.systemx.net/
Title: SystemX

Search URL Search Domain Scan URL

URL: https://www.lush.com/uk/en

Search URL Search Domain Scan URL

URL: https://www.matcor-matsu.com/

Search URL Search Domain Scan URL

URL: https://www.centerragold.com/

Search URL Search Domain Scan URL

URL: https://www.cccu.ca/

Search URL Search Domain Scan URL

URL: https://www.aluminumwindowdesigns.com/

Search URL Search Domain Scan URL

URL: https://stscapital.com/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/balancedplus/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/balanced.plus/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/balanced.plus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securelinks.ca/ HTTP 301
https://balanced.plus/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
balanced.plus/
Redirect Chain

https://securelinks.ca/
https://balanced.plus/

216 KB
35 KB

327ms
42ms

Document
text/html

104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d20d22b342bd10bdd0d13b5adb72805f2957ea0dba32d7dae337f0417400156

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 765704
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 89dd9f4c3d76ab6a-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 08:07:32 GMT
last-modified: Tue, 25 Jun 2024 09:43:07 GMT
link: <https://balanced.plus/wp-json/>; rel="https://api.w.org/", <https://balanced.plus/wp-json/wp/v2/pages/199>; rel="alternate"; type="application/json", <https://balanced.plus/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2592000
cf-cache-status: MISS
cf-ray: 89dd9f42be61abae-YYZ
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 08:07:32 GMT
location: https://balanced.plus/
server: cloudflare
vary: Accept-Encoding
x-redirect-by: WordPress

GET
H2 200 5971ebae87e602c12e858a86349f12a1.js Show response
obseu.bzcclandlord.com/i/ 103 KB
38 KB 442ms
142ms Script
text/javascript 54.75.69.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.bzcclandlord.com/i/5971ebae87e602c12e858a86349f12a1.js
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 54.75.69.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-69-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f9e28b66593a9f79c5fcc192f539cc4167d17e3b27ad6e613b7289bc8fb0a7d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 04 Jul 2024 08:07:32 GMT
cache-control: max-age=43200
content-encoding: gzip
etag: "19bda-tC92+RlnXEeuMroLLIVWjfcKgTo"
content-length: 38524
expires: Thu, 04 Jul 2024 20:07:32 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 283ms
48ms Script
application/javascript 99.84.108.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-122.iad79.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 91ed69d49df50f5558b0d5ebe4b3af7a.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 08:07:20 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: IAD79-C2
age: 14
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: W6kkc_AygEoPN8hUh62oRpLUV_yYPiLSgpDG1AhM6baDQ6M78Tn-oQ==

GET
H2 200 frontend.min.css
balanced.plus/wp-content/themes/bricks/assets/css/ 117 KB
19 KB 49ms
39ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/frontend.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b3989cc91ece69b43516a0ec90402eb1c75c9b3d025eca62e1c35b7c1d772d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d92ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 style.css
balanced.plus/wp-content/themes/bricks-child-1/ 260 B
248 B 75ms
65ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks-child-1/style.css?ver=1668471282
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8e980bb66f2c4ff91ae6a46eefd0bda20abfcfd1eaf4d60190544f08b35fc9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 00:14:42 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d93ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 font-awesome-6-brands.min.css
balanced.plus/wp-content/themes/bricks/assets/css/libs/ 18 KB
5 KB 48ms
38ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82baaba88ffa2f8bd58a92e033422bf65701c4d8a27b826cce0a67a53175db3f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d95ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 font-awesome-6.min.css
balanced.plus/wp-content/themes/bricks/assets/css/libs/ 79 KB
17 KB 50ms
40ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165f0b5d5b2b35465318f3a023e65c1023c9738128fe7d08871e2106b5239689

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 814536
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d96ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:51:56 GMT

GET
H2 200 ionicons.min.css
balanced.plus/wp-content/themes/bricks/assets/css/libs/ 29 KB
5 KB 48ms
39ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35ffa11c1b4bb7c83f7344764d9b78223a11f330384712fe1ec76aa8850f8b78

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d97ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 themify-icons.min.css
balanced.plus/wp-content/themes/bricks/assets/css/libs/ 14 KB
3 KB 72ms
64ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1920bd4f343dc0fa342eb5dba0362f0eb66e0dd427d4a54823bc322641eec76e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d98ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 splide.min.css
balanced.plus/wp-content/themes/bricks/assets/css/libs/ 4 KB
1 KB 72ms
64ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/splide.min.css?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda9c683e93397090afcdc57ad8f445437f2a6facfb4f7c7e2b3b1af49a92757

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 389843
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d9bab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:51:56 GMT

GET
H2 200 jquery.min.js Show response
balanced.plus/wp-includes/js/jquery/ 86 KB
30 KB 54ms
47ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 22:44:24 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d9cab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
balanced.plus/wp-includes/js/jquery/ 13 KB
5 KB 73ms
65ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 11:19:24 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4c9d9dab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 front-end.js Show response
balanced.plus/wp-content/plugins/clickcease-click-fraud-protection/includes/assets/js/ 2 KB
979 B 73ms
66ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/clickcease-click-fraud-protection/includes/assets/js/front-end.js?ver=1.0
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2f8548007f7aaa9cb8fafb7c1e2a9cec5dc429fd7a4c92d66402aadda700a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 19:03:08 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4cbda4ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 logoAsset-1logo.svg
balanced.plus/wp-content/uploads/2022/12/ 24 KB
18 KB 72ms
66ms Image
image/svg+xml 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balanced.plus/wp-content/uploads/2022/12/logoAsset-1logo.svg
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d643f2243312a34a23a261868c94070ab92994db11576c5a347f08d55255da79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 13:20:10 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 89dd9f4cbda5ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 22:24:28 GMT

GET
H2 200 fluent-forms-public.css
balanced.plus/wp-content/plugins/fluentform/assets/css/ 26 KB
5 KB 61ms
61ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/fluentform/assets/css/fluent-forms-public.css?ver=5.1.11
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92887c444a4f7ab9cd50eb506f420b3efec24dcd9ff932fe3f50052edfa90bdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 05:06:41 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4cbda6ab6a-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 fluentform-public-default.css
balanced.plus/wp-content/plugins/fluentform/assets/css/ 3 KB
1 KB 74ms
74ms Stylesheet
text/css 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/fluentform/assets/css/fluentform-public-default.css?ver=5.1.11
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667ca8637ae236619d4c7c23390e3b86423d6ca897dcee650ae94a11d68495e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 05:06:41 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 89dd9f4d088eabe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 bricks.min.js Show response
balanced.plus/wp-content/themes/bricks/assets/js/ 101 KB
27 KB 48ms
47ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/js/bricks.min.js?ver=1707981770
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c356bd5af30812abbd8bf52925fb7d71c95d7cc38e9a212d0cb4dd1d1b605a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4d0891abe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 splide.min.js Show response
balanced.plus/wp-content/themes/bricks/assets/js/libs/ 76 KB
21 KB 57ms
46ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/js/libs/splide.min.js?ver=4.1.4
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce02e3be3b3624461b6a168dea286a9ea202db850120a535d8043fadb2650a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 389843
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4d389cabe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:51:56 GMT

GET
H3 200 proslider.js Show response
balanced.plus/wp-content/plugins/bricksextras/components/assets/js/ 40 KB
7 KB 79ms
68ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/bricksextras/components/assets/js/proslider.js?ver=1.1.4
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db40792ca68fd3dfe5aa07f40ed712476e7624fede792d36bd749ceeed3df1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 05:06:24 GMT
server: cloudflare
age: 389843
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4d389dabe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:51:57 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
961 B 150ms
59ms Script
text/javascript 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?ver=5.1.11

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 08:07:32 GMT

GET
H3 200 fluentform-advanced.js Show response
balanced.plus/wp-content/plugins/fluentform/assets/js/ 33 KB
10 KB 79ms
68ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/fluentform/assets/js/fluentform-advanced.js?ver=5.1.11
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2a2dec2444dc0a629d8e9f192bb76201bd5e5cbe8d11107c53e661dc418189

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 05:06:41 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4d389fabe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 form-submission.js Show response
balanced.plus/wp-content/plugins/fluentform/assets/js/ 19 KB
6 KB 80ms
69ms Script
text/javascript 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/plugins/fluentform/assets/js/form-submission.js?ver=5.1.11
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54682204374e6034a16d5edeb4150bb47ec63bae8ba4b0007511a6c01882a90d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 05:06:41 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 89dd9f4d38a1abe2-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
93 KB 183ms
63ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHPRF473

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

52f99bc9044f61622ff7a5a35877fbbf154d6e693d71920df28d6011006fdce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94390
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 08:07:32 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8632e6babc33431b6018c85a764a4d67eb4237a067eaea95ea5dbe8a9eb9e38b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90446aeee550ed0cd241694e77e36ca6a4a0c82ebec97a468b9c21a28f00e75f

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a10b74d31e3c2c6766d954b6bb40c5cab5760f2e3ec00c293c6bf45cf4d30a44

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f4d735316bbe004f0f390d89d2579674dc3fd611a7439e6b971747b3886300b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da5f4fa2d8e0e632066673453ffc36a3a03fd1901e0515a42be696e9b9828fc2

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9787884df7931bd8055f491fe7a8b26cc983bdaaafb55232c017080e3f92c979

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f440ae0a5b3df46af90a2e0305300919c6b3a9881b9344069c6aecc24efbb52e

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4398a2fc27e0c4f9a543f362e9afe436cddcc17bc3e4069ba74e8146156c5605

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 947e67148480677b6eec8f1bb2eb9d9becea8889d57662c9720e1af38cb9217b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa95abc871f231da179d66a3c7010249ead5604bc2596e8f167597774a3344f2

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dffef492918ff5d8d63a6e3c3263fea069ebe041dd14f0b923d93059423a3943

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5a5f97192c4a7d73849549e5b3a2d378f9c6269e65ca2cf57572b4aaf1a1012

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Radomir-Tinkov-Gilroy-Bold.woff2
balanced.plus/wp-content/uploads/2022/11/ 26 KB
26 KB 51ms
50ms Font
font/woff2 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/uploads/2022/11/Radomir-Tinkov-Gilroy-Bold.woff2
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f2d68c7cc2e20b8fcdb0789ebbcec14b4ff874ac329421e1aaddf8cd2e92b8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 14:26:54 GMT
server: cloudflare
age: 489680
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4d78bdabe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 26164
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 Radomir-Tinkov-Gilroy-Regular.woff2
balanced.plus/wp-content/uploads/2022/11/ 24 KB
25 KB 42ms
40ms Font
font/woff2 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/uploads/2022/11/Radomir-Tinkov-Gilroy-Regular.woff2
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 576ce5f5146089d97b110f558cc7e768711d596c4c6a3d3b0da3b5e164c8447b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 14:27:36 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4d78c0abe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 24868
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 themify.woff
balanced.plus/wp-content/themes/bricks/assets/fonts/themify/ 55 KB
55 KB 51ms
48ms Font
font/woff 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/fonts/themify/themify.woff?
Requested by: Host: balanced.plus
URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1707981770
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1707981770
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4d78c1abe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 56108
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H3 200 fa-solid-900.woff2
balanced.plus/wp-content/themes/bricks/assets/fonts/fontawesome/ 147 KB
147 KB 52ms
48ms Font
font/woff2 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: balanced.plus
URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1707981770
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1707981770
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 474859
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4d78c2abe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 150020
expires: Tue, 24 Jun 2025 21:51:57 GMT

GET
H3 200 ionicons.woff2
balanced.plus/wp-content/themes/bricks/assets/fonts/ionicons/ 49 KB
50 KB 97ms
94ms Font
font/woff2 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/fonts/ionicons/ionicons.woff2
Requested by: Host: balanced.plus
URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1707981770
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1707981770
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 487027
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4d78c3abe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 50632
expires: Tue, 24 Jun 2025 21:51:57 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d55978ccabaeb81ebc3605ae07beecf78e8bc5cc2f67b772d460c054e00f83

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c39e27dd630bc1d8f50afc4876313c4a6998f06eb4a854c0a0ba57ff7e5db1a4

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7172e698b8c8e4740f8c04a75d72b4a179c6c5ece80ba4fbdbeaf731b259ae1b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b774ecfba495efb9191ea702fe68e667b9d1ee6904d88a5c6301f23cbde66b6c

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-brands-400.woff2
balanced.plus/wp-content/themes/bricks/assets/fonts/fontawesome/ 107 KB
107 KB 64ms
63ms Font
font/woff2 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/themes/bricks/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: balanced.plus
URL: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1707981770
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1707981770
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 07:22:50 GMT
server: cloudflare
age: 810459
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4db8d9abe2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 109808
expires: Tue, 24 Jun 2025 21:48:57 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 534 KB
212 KB 166ms
50ms Script
text/javascript 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=5.1.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Origin: https://balanced.plus
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 13:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216123
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Jul 2025 13:59:22 GMT

GET
H3 200 unnamed-file.png
balanced.plus/wp-content/uploads/2022/11/ 150 B
426 B 42ms
41ms Image
image/webp 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balanced.plus/wp-content/uploads/2022/11/unnamed-file.png
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b0d1e0b71e90dc1ce9bc9ee70a397e400a23cf9be1b5c355427d0d5a2252f35

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
age: 814535
cf-polished: origFmt=png, origSize=1253
content-disposition: inline; filename="unnamed-file.webp"
alt-svc: h3=":443"; ma=86400
content-length: 150
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 22:41:14 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4ea937abe2-YYZ
expires: Tue, 24 Jun 2025 21:51:57 GMT

GET
H3 200 2-1024x576.png
balanced.plus/wp-content/uploads/2024/05/ 713 KB
714 KB 44ms
44ms Image
image/webp 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://balanced.plus/wp-content/uploads/2024/05/2-1024x576.png
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e840e3ff949f2cb8af504924ca58639be7db043629dc834f244433e7d100a17c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:32 GMT
cf-cache-status: HIT
age: 218221
cf-polished: origFmt=png, origSize=877275
content-disposition: inline; filename="2-1024x576.webp"
alt-svc: h3=":443"; ma=86400
content-length: 730506
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 18:02:43 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f4ea938abe2-YYZ
expires: Tue, 24 Jun 2025 22:58:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 355 KB
117 KB 68ms
63ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZR9DRNN23H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHPRF473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5be6b8d451a58c4af7957d1645efe69becee827f1b8ba6c7ee7f945a1cf51267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 119847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 08:07:33 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 104ms
100ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-G-ZR9DRNN23H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHPRF473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d5d04fa2569e8f779a7b9adf8e857ed075db0436907fb2245dcdc8b53555e7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84158
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 08:07:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 124ms
48ms Fetch
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZR9DRNN23H&gtm=45je4730v899462811z89170626579za200zb9170626579&_p=1720080452654&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=594928411.1720080453&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720080453&sct=1&seg=0&dl=https%3A%2F%2Fbalanced.plus%2F&dt=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2268&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZR9DRNN23H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://balanced.plus
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11056542785/ 3 KB
1 KB 147ms
59ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11056542785/?random=1720080453139&cv=11&fst=1720080453139&bg=ffffff&guid=ON&async=1&gtm=45je4730v899462811z89170626579za200zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZR9DRNN23H&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

5053639187f2c71c714860f7ea86f66d7b8ba19fd13561645a46a5d050766b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1464
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/G-ZR9DRNN23H/ 3 KB
1 KB 119ms
58ms Script
text/javascript 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/G-ZR9DRNN23H/?random=1720080453172&cv=11&fst=1720080453172&bg=ffffff&guid=ON&async=1&gtm=45be4730z89170626579za201zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-G-ZR9DRNN23H&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

f71ed2a346910c1eaa19901d62e6ec83d007e31629b2a456845609c7efc6279c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame E7DF 0
0 222ms
138ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=qnwas5ukian

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--RZlFGc-P4dVnUvfstqgTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--RZlFGc-P4dVnUvfstqgTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 99FB 0
0 189ms
107ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=cje0sqvr86ui

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3XmR3rV6cHxyF3_E5PRLPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3XmR3rV6cHxyF3_E5PRLPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 775B 0
0 148ms
69ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=650h1fei3h5d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CWaVKzKS9e_KWmto3HUBrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CWaVKzKS9e_KWmto3HUBrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CB62 0
0 166ms
91ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW&co=aHR0cHM6Ly9iYWxhbmNlZC5wbHVzOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=c3322qiowg4b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vhGPHaPJe1vU2SWcQxehgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vhGPHaPJe1vU2SWcQxehgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ct Show response
obseu.bzcclandlord.com/ 3 KB
1 KB 190ms
189ms Script
text/javascript 54.75.69.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.bzcclandlord.com/ct?id=56529&url=https%3A%2F%2Fbalanced.plus%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1720080453332&hl=2&op=0&ag=3514327459&rand=040252609761167960916221688226210367093222208260701012502019138267260206072786179800&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDkxMThdLFsiYWJuY2giLDFdLFstNCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCJdfSJdLFstMTUsIi0iXSxbLTQ1LCItIl0sWy01MCwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixicm93c2luZ3RvcGljcyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGNodWFmb3JtZmFjdG9ycyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxjb21wdXRlcHJlc3N1cmUscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLHByaXZhdGVhZ2dyZWdhdGlvbixjbGlwYm9hcmR3cml0ZSxhdHRyaWJ1dGlvbnJlcG9ydGluZyxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02OCwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTgsIi0iXSxbLTEwLCItIl0sWy0yMCwiNTk0OTI4NDExLjE3MjAwODA0NTMiXSxbLTQxLCItIl0sWy00OSwiLSJdLFstMzIsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkZlhCa1JVVTFOU1VvREZoWldXMHBjVEJkYlExcGFWVmhYWFZWV1MxMFhXbFpVRmxBV0RBQU9DRnhiV0Z3QkRsd1BDUXRhQ0F0Y0FRd0JXQUVQQ2cwQVh3Z0xXQWdYVTBvRENBTVBEZ3dCQ2hBVldFMFpTeGtSVVUxTlNVb0RGaFpXVzBwY1RCZGJRMXBhVlZoWFhWVldTMTBYV2xaVUZsQVdEQUFPQ0Z4YldGd0JEbHdQQ1F0YUNBdGNBUXdCV0FFUENnMEFYd2dMV0FnWFUwb0RDQT09Il0sWy02NCwiWzAsXCJXaW4zMlwiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMjZcIn0se1wiYlwiOlwiTm90OkEtQnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjEyNlwifV1dIl0sWy0yLCItIl0sWy01LCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjUsIi0iXSxbLTM4LCJpLC0xLC0xLDEzNTAsMCwyMzEsMCwwLDU2LDYxLC0xLDAsMTkwMy4yLDE5MDMuMiwyNDE3LDI0MTgiXSxbLTYsIi0iXSxbLTEzLCItIl0sWy0xOSwiWzExMCwxMTAsMTEwLDExMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yNiwie1widGpoc1wiOjE0ODUwNzk5LFwidWpoc1wiOjEwNTM3ODc1LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0yOSwiLSJdLFstNTgsIi0iXSxbLTYyLCI4MCJdLFstMjMsIisiXSxbLTI3LCJbNTAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTQwLCIzMyJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQ3LCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIjM2ODAzNzc5OTJcIixcIjc1MDU2Mjc0MlwiLFwiXzNcIixcIjMyOTk5MTM2OVwiLFwiMjk3ODU0NDc0MFwiLFwiMjkwNjA4MjU2N1wiLFwiXzFcIixcIjEyOTY5NTc0OVwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTksImRlZmF1bHQiXSxbLTY3LCItIl0sWy0xLCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0xMiwibnVsbCJdLFstMTQsIi0iXSxbLTE2LCIwIl0sWy0xNywiNDgiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTI0LCJbXSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy02MSwie1wid2dzbFwiOlwiNDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy0yMSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zNSwiWzE3MjAwODA0NTMzMjUsN10iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNDYsIjAiXSxbLTU1LCIxIl0sWy02NSwiLSJdLFstNjksIi0iXSxbLTksIisiXSxbLTI4LCJlbi1VUyxlbiJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy02MywiMCJdLFsiYm5jaCIsNTJdLFstNywiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00NCwiMCwwLDAsNSJdLFstNDgsIjAsMCJdLFstNjAsIi0iXSxbImRkYiIsIjAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwxLDEsMCwwLDEsMCwxLDAsMCwxLDAsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDI4LDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=ZUuX3oqsd9&pto=2463&ver=61&gac=594928411.1720080453&mei=&ap=&fe=1&duid=1.1720080453.xVGyhfx5x0AMMZK7&suid=1.1720080453.bN1BHwgDGEhJx9ip&tuid=1.1720080453.Wk1ZqaosIQ0g8Nd2&fbc=-&gtm=W10%3D&it=44%2C1686%2C641&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=Ojk2Oi0%2BOTY6LSY5NjstJj8%2BNjstJj88NjstJj8yNjstJj46NjstaGA2Oi1uc2hKeHJlaDY6LW5zaEZkZTY6LWVkbXk2Og%3D%3D
Requested by: Host: obseu.bzcclandlord.com
URL: https://obseu.bzcclandlord.com/i/5971ebae87e602c12e858a86349f12a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 54.75.69.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-69-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 92194eb88ffb129d548f26b6d750eeda1f59e1fe44e2638e1ed303befe97b0c0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1207
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/G-ZR9DRNN23H/ 42 B
64 B 55ms
54ms Image
image/gif 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/G-ZR9DRNN23H/?random=1720080453172&cv=11&fst=1720080000000&bg=ffffff&guid=ON&async=1&gtm=45be4730z89170626579za201zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMlNKQ3k2p4ij5vHUxPeOmKG1kvktXQ&random=4155378509&rmt_tld=0&ipr=y

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/G-ZR9DRNN23H/ 42 B
64 B 110ms
60ms Image
image/gif 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/G-ZR9DRNN23H/?random=1720080453172&cv=11&fst=1720080000000&bg=ffffff&guid=ON&async=1&gtm=45be4730z89170626579za201zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMlNKQ3k2p4ij5vHUxPeOmKG1kvktXQ&random=4155378509&rmt_tld=1&ipr=y

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11056542785/ 42 B
64 B 56ms
55ms Image
image/gif 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11056542785/?random=1720080453139&cv=11&fst=1720080000000&bg=ffffff&guid=ON&async=1&gtm=45je4730v899462811z89170626579za200zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLSL8XAax-272pWWZqmTv4O5kwueacZg&random=993358456&rmt_tld=0&ipr=y

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/11056542785/ 42 B
64 B 106ms
56ms Image
image/gif 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11056542785/?random=1720080453139&cv=11&fst=1720080000000&bg=ffffff&guid=ON&async=1&gtm=45je4730v899462811z89170626579za200zb9170626579&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbalanced.plus%2F&hn=www.googleadservices.com&frm=0&tiba=IT%20Consulting%20%26%20Business%20Strategy%20%7C%20BALANCED%2B&npa=0&pscdl=noapi&auid=1382933556.1720080453&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLSL8XAax-272pWWZqmTv4O5kwueacZg&random=993358456&rmt_tld=1&ipr=y

Requested by

Host: balanced.plus
URL: https://balanced.plus/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 403 admin-ajax.php Show response
balanced.plus/wp-admin/ 2 B
240 B 858ms
858ms XHR
text/html 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://balanced.plus/wp-admin/admin-ajax.php

Requested by

Host: balanced.plus
URL: https://balanced.plus/wp-content/plugins/clickcease-click-fraud-protection/includes/assets/js/front-end.js?ver=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Jul 2024 08:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://balanced.plus
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89dd9f529aababe2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 tc_imp.gif
obseu.bzcclandlord.com/tracker/ 43 B
79 B 123ms
123ms Image
image/gif 54.75.69.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.bzcclandlord.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268eec73dea438f9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5b17886f2e17071a10acf9f29f671d8ad08e012a3f4ef77b2451876ed96491073805209206010a3d0d0a90bf634777be26bb25cb43e2923ff94c67a4132c7c0fd850ed54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4677190bb98e32606d64f5ac183bd5b4f02d97fe58740f30b9e4f0d58a7dacd4dc0ce85ec80a6b61c8b99cb6a03097d9b738c1675fd1acc17d1d44f3606df9820876b08de97e8d07f845b4980a870d97dd75d66071d2d964d27a8f80b9afdeb1b04c7ee86feafeb9364328ae873682be43af570454861e05dbc2db9990a7cb70c96a88de94ab38a03c7b74dc2b65d483920e7f86a633bb06e3945d8670bf3d1a0b148276be079c9fee3ff6c734c408ec8adfcd6c83550435bd52541d3e4c7de6a268b349c2e78164fdde32a6c6778ad8bfad2ec3e3b20f342cd2bb08138af7471a06f4cdec3ff164de9308fdea3caf6ebc23d70fc61ebcab3fce0624e6a88e6f3f3f611f2b0b5c17aafd8d6cd202b4594f4329f8b053de98180cf9a4debabc6ccaf1e5fc86faa7ed4a4f3cf8469ab7596e8041791ad7635e7670f77baf7511deeac1638f60cb2497b62fc5bb11847808283c1f7d1098dcf9d83a7b49871f4494cfc4bdb0cb4f1898b0b9108add273e818600367bf88fd85123b7278d5f9b1fe021d374ac814baef237aa9bf9afe52d19e8f22771c133ffd9a2a1049d7235110794684b50b5a65c91be6acbebe38f03b9f0f26b747f4ee77db919b811f7d83d843851205f3b7a7de15a86813750ba71a7fcf45f989e12cf0d12af467452cbeac31648ac31a39c1ab16a2d1208f8623e88aecb7a9f067acbf94cf28e99a6df1cb808027b4aac652f5080825809f82eedfdc22493c1ac530c6ea86b3c1a44924212f493ed1b188c70318ed5954bc9c8a8901a71eb22b1067644930d702a97c20e4288dfffc4bdf140a328ac6ec93790cc10ceeff92935ec8e5cd0c7fdcb84818a926719d5b872479169c356de0bac&cri=ZUuX3oqsd9&ts=197&cb=1720080453529
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 54.75.69.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-69-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 04 Jul 2024 08:07:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK b219ac09-c243-4571-9c3a-45bbcb3688ef
https://balanced.plus/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://balanced.plus/b219ac09-c243-4571-9c3a-45bbcb3688ef
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd8ea040e9adc7b445769ea93c0eb5b8cb41e39830fa6045e8c5a5fe7480aa28

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 78ms
45ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: balanced.plus
URL: https://balanced.plus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7bcabdeabc928df5f998a410f656db22b6d8973ad3b73851feaba2ee6a44bc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:34 GMT
x-amz-version-id: az1JGSQ.qou05rXeP8ubGTGmlUNWgCp9
via: 1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: YUL62-C2
age: 74283
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 11:29:23 GMT
server: cloudflare
etag: W/"e3c441f75699329acb887bf918f755c9"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 89dd9f55eab5a214-YYZ
x-amz-cf-id: YrBdW_J8wV_xfDe4XWy9adUEAwJl6iyAeMzxUzulIN3r5HFD-HcAJA==

GET
H3 200 favicon-150x150.png
balanced.plus/wp-content/uploads/2022/12/ 9 KB
9 KB 42ms
42ms Other
image/webp 104.19.154.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balanced.plus/wp-content/uploads/2022/12/favicon-150x150.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.154.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e15ab91e2d9d819d4b9aaf2f5930117936116831b18e6368fe02ed94f1791c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://balanced.plus/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:34 GMT
cf-cache-status: HIT
age: 810460
cf-polished: origFmt=png, origSize=12108
content-disposition: inline; filename="favicon-150x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8716
cf-bgj: imgq:85,h2pri
last-modified: Wed, 21 Dec 2022 22:37:22 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89dd9f55bbdaabe2-YYZ
expires: Tue, 24 Jun 2025 21:59:36 GMT

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 257ms
228ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://balanced.plus
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,visited_url
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
apigw-requestid: aYK7CiVvPHcEPWw=
cf-cache-status: DYNAMIC
cf-ray: 89dd9f566b055419-YYZ
date: Thu, 04 Jul 2024 08:07:34 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
x-amz-cf-id: yaQgLV8F1sTXtNuqCJLqEjR3fCbDAEoyda_e4Jea96QmWxgFjsZ0eA==
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 150 B
649 B 135ms
135ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d7720d0a00dc6b47cc0b6a3992dbda5760f6ce3310020ae7439e85a6e04442ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer ee09290fd01679919187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://balanced.plus/
visited_url: https://balanced.plus/

Response headers

date: Thu, 04 Jul 2024 08:07:34 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: YUL62-C2
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: aYK7DiPcPHcESPg=
server: cloudflare
etag: W/"96-lrGaE5KOOrPpxZYn+JIqd6EHVSw"
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://balanced.plus
cf-ray: 89dd9f57db645419-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Amp-Device-Id, X-Amp-Session-Id
x-amz-cf-id: zrDy7YNvAj87XNcJDM0PCB_o_D57rPzQYBN9Mln_OaZYakYLKK5kVQ==

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 9BB0 0
0 58ms
57ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PBdc1bhwaea26UwuZzym0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PBdc1bhwaea26UwuZzym0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 1F5C 0
0 116ms
59ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KkZ2C_dsENLRukAj2CEyGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KkZ2C_dsENLRukAj2CEyGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 1E1B 0
0 177ms
59ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yJ-dzt1IZM08QOX6xijaCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yJ-dzt1IZM08QOX6xijaCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 2280 0
0 229ms
59ms Document
text/html 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lfa62opAAAAAEiILBOC9S7sFj4iXNp2KD5_u5YW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NxotbixyB5049siZuTO0-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://balanced.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NxotbixyB5049siZuTO0-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 08:07:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
ws.zoominfo.com/pixel/64cd505e5e3e73282eb342ca/ 3 KB
2 KB 307ms
279ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64cd505e5e3e73282eb342ca/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2415d9aeb57f583054dea963cebe32ce5a8613e6a9e83e23f361fd2d18cf9741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://balanced.plus/
Referer: https://balanced.plus/
_vtok: MTQ5Ljg4LjE2LjIzMQ==
_zitok: 0ba3c53d8b9248bf23b81720080454
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 08:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://balanced.plus
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 89dd9f5999eeac2e-YYZ

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/64cd505e5e3e73282eb342ca/ Frame 0
0 112ms
80ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/64cd505e5e3e73282eb342ca/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://balanced.plus
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://balanced.plus
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89dd9f58eca5a1ed-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 08:07:34 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
BLOB 200
OK 5d153190-32c7-44c7-a2b5-81bbcf1c482f Show response
https://balanced.plus/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://balanced.plus/5d153190-32c7-44c7-a2b5-81bbcf1c482f
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2415d9aeb57f583054dea963cebe32ce5a8613e6a9e83e23f361fd2d18cf9741

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 3006
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.balanced.plus/	1970-01-20 23:57:36	Name: _gcl_au Value: 1.1.1382933556.1720080453
.balanced.plus/	1970-01-21 07:24:00	Name: _ga_ZR9DRNN23H Value: GS1.1.1720080453.1.0.1720080453.0.0.0
.balanced.plus/	1970-01-21 07:24:00	Name: _ga Value: GA1.1.594928411.1720080453
.doubleclick.net/	1970-01-20 21:48:01	Name: test_cookie Value: CheckForPermission
.balanced.plus/	1970-01-20 23:59:24	Name: _cq_duid Value: 1.1720080453.xVGyhfx5x0AMMZK7
.balanced.plus/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1720080453.bN1BHwgDGEhJx9ip
obseu.bzcclandlord.com/	1970-01-21 05:51:50	Name: cg_uuid Value: d8c7660e93ce0e66f38031d1e89ef188
.balanced.plus/	1970-01-21 06:33:36	Name: _zitok Value: 0ba3c53d8b9248bf23b81720080454
.zoominfo.com/	1970-01-20 21:48:02	Name: __cf_bm Value: 8UA3MQ31i.PHAmkjuPnYNjHr97hE1TvlM8vRL8MpmfY-1720080454-1.0.1.1-vXg9MQGe5LEBUOz1OMOwcSiI6AAW9RRny0Jw51KZlXKty24kA0zjSiURv1JhKaoNLWSgYHzMT9IxQ1FsPQGqOw
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: nh4FvafgQdB15uxwsSKU.tiYt.B8xPuVyhB0gUnZcBU-1720080454904-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://balanced.plus/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balanced.plus
googleads.g.doubleclick.net
js.zi-scripts.com
obseu.bzcclandlord.com
securelinks.ca
ws.zoominfo.com
www.clickcease.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.117.43
104.19.154.92
142.251.16.156
142.251.163.106
142.251.179.94
172.217.222.97
172.64.150.44
173.194.204.94
216.239.38.178
54.75.69.192
99.84.108.122
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
165f0b5d5b2b35465318f3a023e65c1023c9738128fe7d08871e2106b5239689
1920bd4f343dc0fa342eb5dba0362f0eb66e0dd427d4a54823bc322641eec76e
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
2415d9aeb57f583054dea963cebe32ce5a8613e6a9e83e23f361fd2d18cf9741
2d20d22b342bd10bdd0d13b5adb72805f2957ea0dba32d7dae337f0417400156
35ffa11c1b4bb7c83f7344764d9b78223a11f330384712fe1ec76aa8850f8b78
4398a2fc27e0c4f9a543f362e9afe436cddcc17bc3e4069ba74e8146156c5605
46db40792ca68fd3dfe5aa07f40ed712476e7624fede792d36bd749ceeed3df1
4e2f8548007f7aaa9cb8fafb7c1e2a9cec5dc429fd7a4c92d66402aadda700a9
5053639187f2c71c714860f7ea86f66d7b8ba19fd13561645a46a5d050766b20
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52f99bc9044f61622ff7a5a35877fbbf154d6e693d71920df28d6011006fdce9
54682204374e6034a16d5edeb4150bb47ec63bae8ba4b0007511a6c01882a90d
576ce5f5146089d97b110f558cc7e768711d596c4c6a3d3b0da3b5e164c8447b
5be6b8d451a58c4af7957d1645efe69becee827f1b8ba6c7ee7f945a1cf51267
5ce02e3be3b3624461b6a168dea286a9ea202db850120a535d8043fadb2650a0
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558
65e15ab91e2d9d819d4b9aaf2f5930117936116831b18e6368fe02ed94f1791c
667ca8637ae236619d4c7c23390e3b86423d6ca897dcee650ae94a11d68495e6
69b3989cc91ece69b43516a0ec90402eb1c75c9b3d025eca62e1c35b7c1d772d
6b0d1e0b71e90dc1ce9bc9ee70a397e400a23cf9be1b5c355427d0d5a2252f35
7172e698b8c8e4740f8c04a75d72b4a179c6c5ece80ba4fbdbeaf731b259ae1b
7c8e980bb66f2c4ff91ae6a46eefd0bda20abfcfd1eaf4d60190544f08b35fc9
7e2a2dec2444dc0a629d8e9f192bb76201bd5e5cbe8d11107c53e661dc418189
7f4d735316bbe004f0f390d89d2579674dc3fd611a7439e6b971747b3886300b
82baaba88ffa2f8bd58a92e033422bf65701c4d8a27b826cce0a67a53175db3f
82d55978ccabaeb81ebc3605ae07beecf78e8bc5cc2f67b772d460c054e00f83
8632e6babc33431b6018c85a764a4d67eb4237a067eaea95ea5dbe8a9eb9e38b
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
90446aeee550ed0cd241694e77e36ca6a4a0c82ebec97a468b9c21a28f00e75f
90f2d68c7cc2e20b8fcdb0789ebbcec14b4ff874ac329421e1aaddf8cd2e92b8
92194eb88ffb129d548f26b6d750eeda1f59e1fe44e2638e1ed303befe97b0c0
92887c444a4f7ab9cd50eb506f420b3efec24dcd9ff932fe3f50052edfa90bdf
947e67148480677b6eec8f1bb2eb9d9becea8889d57662c9720e1af38cb9217b
9787884df7931bd8055f491fe7a8b26cc983bdaaafb55232c017080e3f92c979
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a10b74d31e3c2c6766d954b6bb40c5cab5760f2e3ec00c293c6bf45cf4d30a44
aa95abc871f231da179d66a3c7010249ead5604bc2596e8f167597774a3344f2
b774ecfba495efb9191ea702fe68e667b9d1ee6904d88a5c6301f23cbde66b6c
b7bcabdeabc928df5f998a410f656db22b6d8973ad3b73851feaba2ee6a44bc8
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c39e27dd630bc1d8f50afc4876313c4a6998f06eb4a854c0a0ba57ff7e5db1a4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd8ea040e9adc7b445769ea93c0eb5b8cb41e39830fa6045e8c5a5fe7480aa28
cfce45fef72ed85dc66c57fd1fa7262f9686b08188832fbfce26a7a467d455b0
d5d04fa2569e8f779a7b9adf8e857ed075db0436907fb2245dcdc8b53555e7ba
d643f2243312a34a23a261868c94070ab92994db11576c5a347f08d55255da79
d7720d0a00dc6b47cc0b6a3992dbda5760f6ce3310020ae7439e85a6e04442ef
d7c356bd5af30812abbd8bf52925fb7d71c95d7cc38e9a212d0cb4dd1d1b605a
da5f4fa2d8e0e632066673453ffc36a3a03fd1901e0515a42be696e9b9828fc2
dffef492918ff5d8d63a6e3c3263fea069ebe041dd14f0b923d93059423a3943
e5a5f97192c4a7d73849549e5b3a2d378f9c6269e65ca2cf57572b4aaf1a1012
e840e3ff949f2cb8af504924ca58639be7db043629dc834f244433e7d100a17c
eda9c683e93397090afcdc57ad8f445437f2a6facfb4f7c7e2b3b1af49a92757
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f440ae0a5b3df46af90a2e0305300919c6b3a9881b9344069c6aecc24efbb52e
f71ed2a346910c1eaa19901d62e6ec83d007e31629b2a456845609c7efc6279c
f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505
f9e28b66593a9f79c5fcc192f539cc4167d17e3b27ad6e613b7289bc8fb0a7d5
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

balanced.plus Open in urlscan Pro 104.19.154.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

0 %IPv6

12 Domains

12 Subdomains

12 IPs

3 Countries

1946 kBTransfer

3680 kBSize

10 Cookies

15 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

balanced.plus Open in urlscan Pro
104.19.154.92 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

1946 kB
Transfer

3680 kB
Size

10
Cookies

60 HTTP transactions
18 data transactions