friends-with-benefits.com Open in urlscan Pro
3.121.161.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hdj498.blogspot.ae/
Effective URL:
https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738b...
Submission: On July 21 via api (July 21st 2024, 3:13:42 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 41 HTTP transactions. The main IP is 3.121.161.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is friends-with-benefits.com. The Cisco Umbrella rank of the primary domain is 743681.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 29th 2023. Valid for: a year.

This is the only time friends-with-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2607:f8b0:400... 2607:f8b0:400d:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c21::bf	15169 (GOOGLE) (GOOGLE)
1 1	162.255.119.48 162.255.119.48	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	52.206.218.219 52.206.218.219	14618 (AMAZON-AES) (AMAZON-AES)
1	18.198.93.216 18.198.93.216	16509 (AMAZON-02) (AMAZON-02)
1	3.121.161.178 3.121.161.178	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::5f	15169 (GOOGLE) (GOOGLE)
9	2600:1408:c40... 2600:1408:c400:9::17cd:69b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:1408:c40... 2600:1408:c400:9::17cd:69b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c01::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::38 2620:1ec:bdf::38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	17

2 2607:f8b0:400d:c09::84 (Morganton, United States) 1 redirects

ASN15169 (GOOGLE, US)

hdj498.blogspot.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hdj498.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::bf (Washington, United States)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.255.119.48 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

candymtch.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.218.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-218-219.compute-1.amazonaws.com

trk.securedconfirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.93.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-93-216.eu-central-1.compute.amazonaws.com

my.link23456.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.161.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-161-178.eu-central-1.compute.amazonaws.com

friends-with-benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1408:c400:9::17cd:69b8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.friends-with-benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:c400:9::17cd:69b2 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

lpimg.friends-with-benefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	friends-with-benefits.com friends-with-benefits.com — Cisco Umbrella Rank: 743681 cdn.friends-with-benefits.com lpimg.friends-with-benefits.com	118 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988	144 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 t.clarity.ms — Cisco Umbrella Rank: 8415	28 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-f.fontawesome.com — Cisco Umbrella Rank: 7493	25 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	184 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	37 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	773 B
1	link23456.com my.link23456.com	27 KB
1	securedconfirm.com 1 redirects trk.securedconfirm.com	2 KB
1	candymtch.site 1 redirects candymtch.site	278 B
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 9911	51 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 24546	46 KB
1	blogspot.com hdj498.blogspot.com	14 KB
1	blogspot.ae 1 redirects hdj498.blogspot.ae	506 B
41	15

	Domain	Requested by
9	cdn.friends-with-benefits.com	friends-with-benefits.com
7	dev.visualwebsiteoptimizer.com	hdj498.blogspot.com friends-with-benefits.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	lpimg.friends-with-benefits.com	friends-with-benefits.com
2	t.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	hdj498.blogspot.com www.clarity.ms
2	www.googletagmanager.com	friends-with-benefits.com www.googletagmanager.com
2	fonts.googleapis.com	friends-with-benefits.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	kit.fontawesome.com	friends-with-benefits.com
1	friends-with-benefits.com	my.link23456.com www.googletagmanager.com
1	my.link23456.com	hdj498.blogspot.com
1	trk.securedconfirm.com	1 redirects
1	candymtch.site	1 redirects
1	www.blogger.com	hdj498.blogspot.com
1	resources.blogblog.com	hdj498.blogspot.com
1	www.gstatic.com	hdj498.blogspot.com
1	hdj498.blogspot.com
1	hdj498.blogspot.ae	1 redirects
41	21

This site contains links to these domains. Also see Links.

Domain
policies.google.com
privacy.microsoft.com
help.twitter.com
stripcash.com
www.awempire.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.blogger.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
ph.guardlnkcaptcha.com Amazon RSA 2048 M02	`2024-02-14` - `2025-03-15`	a year	crt.sh
friends-with-benefits.com Amazon RSA 2048 M02	`2023-11-29` - `2024-12-27`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cdn.friends-with-benefits.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
lpimg.friends-with-benefits.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Frame ID: 130BF81BE0BE91F6DE03B4A1EDCD6E07
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Friends-with-benefits

Page URL History Show full URLs

https://hdj498.blogspot.ae/ HTTP 302
https://hdj498.blogspot.com/ Page URL
http://candymtch.site/ HTTP 307
https://candymtch.site/ HTTP 307
http://candymtch.site/ HTTP 302
https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_ Page URL
https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=73... Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

41
Requests

93 %
HTTPS

63 %
IPv6

15
Domains

21
Subdomains

17
IPs

2
Countries

674 kB
Transfer

2178 kB
Size

22
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy?hl=en
Title: https://policies.google.com/privacy?hl=en

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies?hl=en
Title: https://policies.google.com/technologies/cookies?hl=en

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us/PrivacyStatement
Title: https://privacy.microsoft.com/en-us/PrivacyStatement

Search URL Search Domain Scan URL

URL: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads
Title: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads

Search URL Search Domain Scan URL

URL: https://help.twitter.com/en/rules-and-policies/twitter-cookies
Title: https://help.twitter.com/en/rules-and-policies/twitter-cookies

Search URL Search Domain Scan URL

URL: https://stripcash.com/privacy-policy
Title: https://stripcash.com/privacy-policy

Search URL Search Domain Scan URL

URL: https://stripcash.com/cookies-policy
Title: https://stripcash.com/cookies-policy

Search URL Search Domain Scan URL

URL: https://www.awempire.com/privacy-policy
Title: https://www.awempire.com/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.awempire.com/cookie-policy
Title: https://www.awempire.com/cookie-policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hdj498.blogspot.ae/ HTTP 302
https://hdj498.blogspot.com/ Page URL
http://candymtch.site/ HTTP 307
https://candymtch.site/ HTTP 307
http://candymtch.site/ HTTP 302
https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_ Page URL
https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hdj498.blogspot.ae/ HTTP 302
https://hdj498.blogspot.com/

Request Chain 4

http://candymtch.site/ HTTP 307
https://candymtch.site/ HTTP 307
http://candymtch.site/ HTTP 302
https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_

Request Chain 36

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&RedC=c.clarity.ms&MXFR=0CC94813EC7363A00D8F5CD0E8736D62 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&MUID=0D874E31073960D506B15AF2064B61C1

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
hdj498.blogspot.com/
Redirect Chain

https://hdj498.blogspot.ae/
https://hdj498.blogspot.com/

62 KB
14 KB

138ms
72ms

Document
text/html

2607:f8b0:400d:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://hdj498.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 13764
content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 15:13:31 GMT
etag: W/"f73898a177ce114755b1256f20e780202c4e809b86a38c3f2ceee402d2e74187"
expires: Sun, 21 Jul 2024 15:13:31 GMT
last-modified: Fri, 08 Mar 2024 15:47:17 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 198
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 15:13:31 GMT
expires: Sun, 21 Jul 2024 15:13:31 GMT
location: https://hdj498.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 73ms
18ms Script
text/javascript 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdj498.blogspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 Jul 2024 15:13:31 GMT

GET
H2 200 4194078042-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 134 KB
46 KB 78ms
17ms Script
text/javascript 2607:f8b0:4004:c21::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/4194078042-indie_compiled.js

Requested by

Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdj498.blogspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 15:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46778
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 22:54:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 Jul 2024 15:37:02 GMT

GET
H2 200 4118640461-widgets.js
www.blogger.com/static/v1/widgets/ 141 KB
51 KB 71ms
17ms Script
text/javascript 2607:f8b0:4004:c21::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4118640461-widgets.js

Requested by

Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hdj498.blogspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 10:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51331
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 22:54:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 20 Jul 2025 10:21:29 GMT

GET
H2

200

click
my.link23456.com/
Redirect Chain

http://candymtch.site/
https://candymtch.site/
http://candymtch.site/
https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760
https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_

26 KB
27 KB

861ms
369ms

Document
text/html

18.198.93.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.93.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-93-216.eu-central-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

Referer: https://hdj498.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 15:13:35 GMT
server: nginx/1.24.0

Redirect headers

Accept-CH: Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 21 Jul 2024 15:13:35 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 1022bc8ed335023f30c93245cd1ce4
X-Request-Id: 4eb37201c1ac1c0d4abdc1cba10c5518

GET
H2 200 Primary Request / Show response
friends-with-benefits.com/lp/int-nak-btn/ 67 KB
12 KB 475ms
210ms Document
text/html 3.121.161.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Requested by: Host: my.link23456.com
URL: https://my.link23456.com/click?o=3720&a=1508&sub_id1=1022bc8ed335023f30c93245cd1ce4&sub_id3=DLO-8760_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.161.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-161-178.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ab94d1cfc1e09aea0544b4e83c73264459a84b005b41ecc5f98c4256b56bda76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 15:13:36 GMT
geo_city: New York
server: nginx
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
707 B 69ms
34ms Stylesheet
text/css 2607:f8b0:4004:c1f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Raleway

Requested by

Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 15:13:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jul 2024 15:13:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 67ms
33ms Stylesheet
text/css 2607:f8b0:4004:c1f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap

Requested by

Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 15:13:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jul 2024 15:13:36 GMT

GET
H2 200 styles.074781273e726c700a9f359458196e04.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 15 KB
4 KB 128ms
17ms Stylesheet
text/css 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/css/styles.074781273e726c700a9f359458196e04.css
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 10:58:54 GMT
etag: W/"6686806e-3c97"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=440350
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721574816636_400219576_296349267_50_918_13_0_255";dur=1
content-length: 3461

GET
H2 200 tests.9d58efc456f03751102365e373d75df3.js Show response
cdn.friends-with-benefits.com/lp/assets/common/js/ 4 KB
2 KB 128ms
18ms Script
application/javascript 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/js/tests.9d58efc456f03751102365e373d75df3.js
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 11:00:34 GMT
etag: W/"668680d2-112e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=71721
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1721574816636_400219576_296349268_333_925_13_0_219";dur=1
content-length: 1525

GET
H2 200 normalize.5ba84126003571ea3236be78004763a2.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 6 KB
2 KB 139ms
29ms Stylesheet
text/css 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/css/normalize.5ba84126003571ea3236be78004763a2.css
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02f43997f9636af74fc2387245054f2e934ae4b62c5389833fb5b6cf2eeba6f5

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 11:00:31 GMT
etag: W/"668680cf-180b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=343331
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1721574816618_400219576_296349265_1293_1008_13_17_255";dur=1
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1754

GET
H2 200 style.9857f23e220ae821032ac418210d0f04.css
cdn.friends-with-benefits.com/lp/assets/buttons/css/ 8 KB
2 KB 148ms
38ms Stylesheet
text/css 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/buttons/css/style.9857f23e220ae821032ac418210d0f04.css
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c9db2cc35e47bf8dd3945662608d104ca8d0a7a5d53129bdd48aa58f3e0e0d0f

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 10:58:54 GMT
etag: W/"6686806e-1e9d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=405388
server-timing: cdn-cache; desc=HIT, edge; dur=20, origin; dur=0, ak_p; desc="1721574816638_400219576_296349266_2233_745_13_0_255";dur=1
content-length: 1918

GET
H2 200 close.8c78db28b5a3f198d980d880fa39d3c1.png
cdn.friends-with-benefits.com/lp/assets/common/images/ 3 KB
3 KB 128ms
18ms Image
image/png 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/images/close.8c78db28b5a3f198d980d880fa39d3c1.png
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
last-modified: Thu, 04 Jul 2024 10:58:54 GMT
etag: "6686806e-af1"
geo_city: Elyria
content-type: image/png
cache-control: max-age=2204799
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1721574816637_400219576_296349271_250_772_13_0_182";dur=1
accept-ranges: bytes
content-length: 2801

GET
H2 200 88IotQniKSbX4HOZoDy3yahEzRFypVk89XFakynP.webp
lpimg.friends-with-benefits.com/domain/ 5 KB
5 KB 192ms
17ms Image
image/webp 2600:1408:c400:9::17cd:69b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpimg.friends-with-benefits.com/domain/88IotQniKSbX4HOZoDy3yahEzRFypVk89XFakynP.webp
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b2 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 81e6e6f544a2db83e611873b2b77745a20cb021929bbe2d6808ec08dfa6f16ce

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
last-modified: Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id: 9PNH30CEC8SNEANN
etag: "7ffb7980ecb4a41cfa9639c8466e9aef"
content-type: image/webp
cache-control: max-age=6860901
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721574816676_400219570_470785419_45_922_13_27_219";dur=1
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 4840
x-amz-id-2: 1V9mF4WCAoUpKvsbd/a+qDWH3A/rr551ltDBnctm9JTyt1QF+RbwFfH4IWC6DQY4wMvJdEfSvXY=

GET
H2 200 common.e75f6cb49ca52e4d03896beea90dfe08.js Show response
cdn.friends-with-benefits.com/lp/assets/common/js/ 20 KB
6 KB 15ms
15ms Script
application/javascript 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/js/common.e75f6cb49ca52e4d03896beea90dfe08.js
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 539b06bdc9c549a88fec7674b8b03e264f829756d6f76ef3b441d410d4b0816a

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 11:00:34 GMT
etag: W/"668680d2-5130"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=473527
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721574816657_400219576_296349281_48_989_13_0_182";dur=1
content-length: 5803

GET
H2 200 landing.e5b8664288da17b85dbbbece140918e1.js Show response
cdn.friends-with-benefits.com/lp/assets/common/js/ 37 KB
10 KB 21ms
19ms Script
application/javascript 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/common/js/landing.e5b8664288da17b85dbbbece140918e1.js
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 07adf31b99cf37d1cbc1c21dbf1b885a71365790bacef7dd00c8ab0c6cff5f41

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 10:58:57 GMT
etag: W/"66868071-935a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=145393
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1721574816660_400219576_296349282_274_951_13_0_182";dur=1
content-length: 10338

GET
H2 200 974a8748c4.js Show response
kit.fontawesome.com/ 13 KB
5 KB 80ms
54ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/974a8748c4.js
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a859243e16f4b34b1b9a8fd6195e5f28f4ea6381d82d8c9e31468f4a1eaab9cb

Request headers

Referer: https://friends-with-benefits.com/
Origin: https://friends-with-benefits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8a6c22cc4f96c35a-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F-K86uFrL__pNzUAMAEB

GET
H2 200 script.205b43770a3985e1ff9387dbfa681845.js Show response
cdn.friends-with-benefits.com/lp/assets/buttons/js/ 11 KB
3 KB 38ms
38ms Script
application/javascript 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friends-with-benefits.com/lp/assets/buttons/js/script.205b43770a3985e1ff9387dbfa681845.js
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6cc95456945cebcd27216c692dafb23e15a9206461b691f40798a94c7369768c

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 10:58:56 GMT
etag: W/"66868070-2b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=170006
server-timing: cdn-cache; desc=HIT, edge; dur=20, origin; dur=0, ak_p; desc="1721574816662_400219576_296349284_2022_852_13_0_182";dur=1
content-length: 2873

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
95 KB 72ms
26ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M

Requested by

Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

212ed6606fce6f02ad3057a40a69f09afff4cb15a433402684144ea7bd1e408d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96762
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jul 2024 15:13:36 GMT

GET
H2 200 e5EDaHIMh4sw8te5crdghlEd2kYmg5VYmnb2jsQ4.webp
lpimg.friends-with-benefits.com/template/ 63 KB
63 KB 54ms
30ms Image
image/webp 2600:1408:c400:9::17cd:69b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpimg.friends-with-benefits.com/template/e5EDaHIMh4sw8te5crdghlEd2kYmg5VYmnb2jsQ4.webp
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b2 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b1c9b96ac1e10e64f9a3b319298da97293681977c737ebe4cebfd5eb8507b855

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
last-modified: Wed, 26 Oct 2022 09:07:32 GMT
x-amz-request-id: J5CZTTCRV37F1R40
etag: "2078eac294445c7b8c09a52b2053f47b"
x-amz-server-side-encryption: AES256
content-type: image/webp
cache-control: max-age=7545059
server-timing: cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1721574816703_400219570_470785420_1520_924_13_0_219";dur=1
accept-ranges: bytes
content-length: 64072
x-amz-id-2: 2UMKmwvS1Ng/TnK6YQVbPCETFqzDlXeXRosPr62xqGw40PLI1CMNs8nGK0uy5SGbk8L/3o+47Ik=

GET
H2 200 background.fd3a8456cceb346c0891c03198a60c38.webp
cdn.friends-with-benefits.com/lp/assets/buttons/images/ 2 KB
2 KB 29ms
27ms Image
image/webp 2600:1408:c400:9::17cd:69b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friends-with-benefits.com/lp/assets/buttons/images/background.fd3a8456cceb346c0891c03198a60c38.webp
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b61e7fe807b13187a9ada0e9547662d4909a895e64fb46dd7c059a91a4afc6a5

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
last-modified: Thu, 04 Jul 2024 11:00:31 GMT
etag: "668680cf-730"
geo_city: Southington
content-type: image/webp
cache-control: max-age=2030050
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1721574816681_400219576_296349303_1309_1170_13_0_219";dur=1
accept-ranges: bytes
content-length: 1840

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 49ms
16ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://friends-with-benefits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 07:55:38 GMT
x-content-type-options: nosniff
age: 26278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Jul 2025 07:55:38 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 44ms
28ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=974a8748c4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
via: 1.1 22068bada9db7a55ac57b9824fe6f9b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: YUL62-C2
age: 11230817
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9R5lY94NJbv0s%2BwUknmD2zwf%2BNESCPccWVXMS6Z2jkPgns8UU%2FdgLIr3wdj2pf28747LzQ3DZ7FRm6QOwWuMuVel6UoHNrxTmq1BhTRun5vELNUy9FsUbG1uY6%2BrX9fvKdSIWQxea%2FyG2Or2%2Bpksuit9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a6c22ccbc2e42e0-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YaBi_-wM8292qW5wAupI3UxavBYNH1Y_L6kkcATMjqwlxdznW_Q7fQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 36ms
20ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=974a8748c4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
via: 1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
age: 11217090
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTAO0WxNpqWqvN30hiCPyYKDmsDhWngw3NdJQXBMA%2BElRjdaigJXhX0NEbUtxlIPWHorXI7KT43BxWMPe0ur3N1%2Fhs9yBu2I35LdyIdBWbzVjpSUFpHMXJz4PD1I2DLQmA8IovT2RykQxgNJkyGKPQ8r2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a6c22ccbc3142e0-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _YaUjs6kffVptXAUphBkcWBO6EkMyWcTGu-WhZOWFjQu_YAr4XvVUA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 35ms
20ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=974a8748c4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
via: 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
age: 11226591
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KN2hB86K5Ys%2BszMxs93b6phsrGiFaSmc5FaFUW8GeyWovbIvFKZedj2El4HwnBduw2Cj0mIVQb9Ob7459KuVqS0C8avIvu0yeQ2ZgAtBbFWo0DXIw1%2Bk%2F0w44hN%2BK1awPkWip%2FjdU%2BipW%2BMQgSSZM7zFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a6c22ccbc3042e0-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JqZzToaU7kmw3t1o2ooaC9UZWOerDJx3pCJK5JNS8q-JvhUYBSL0GQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
89 KB 26ms
25ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73fc865d857bce8328ce641deadc4d6faec0f7bf59d1e5ad9181390d2c0d622a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jul 2024 15:13:36 GMT

GET
H2 200 myzbm75krd Show response
www.clarity.ms/tag/ 1005 B
1 KB 1334ms
70ms Script
application/x-javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/myzbm75krd
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 08e58ebcdc19cc74cb3a1c09dbf833e4a06e600495399c4d3c62a56c0c661d83

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Sun, 21 Jul 2024 15:13:38 GMT
x-azure-ref: 20240721T151338Z-15b94bb6ff9l2slhr3ee6x866g0000000fmg00000000az14
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1005
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 18 KB
7 KB 157ms
115ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=921607&u=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D739cc83c252c17abe1738be1020df0a9&vn=2.1&x=true
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: 377aae52a5574f2ba287101e6760b79eba3431c8dd93eb6b18a3833b844f1e9b

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
via: 1.1 google
server: gnv2
etag: W/"1721493096_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://friends-with-benefits.com
cache-control: public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 worker-7dd77bacd9f634c3a457558f6e7a9664br.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 258 KB
63 KB 110ms
97ms XHR
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/worker-7dd77bacd9f634c3a457558f6e7a9664br.js
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: 995a30c618b3b3a3a379460039d9c949556eeaf26c470baeb39fcdd3d12923db

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 20 Jul 2024 16:31:24 GMT
server: gnv2
etag: "669be65c-fa7b"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64123

GET
H3 200 va_gq-44f2640fa93a9e159daaad5254e9d9c2br.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 265 KB
69 KB 35ms
23ms XHR
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-44f2640fa93a9e159daaad5254e9d9c2br.js
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: 67bb2be6fdd9cf5ab7213b0611e0a9a59a2239509d3a61a2137ce51ac1df763b

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 20 Jul 2024 16:31:24 GMT
server: gnv2
etag: "669be65c-11202"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70146

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/eu01/ 35 B
146 B 87ms
86ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=921607&d=friends-with-benefits.com&u=D06EDD15108E355B050B96B5AED675D64&h=07d9298dac64421e788afe32f332118a&t=false

Requested by

Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gbel2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gbel2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/eu01/ 35 B
53 B 88ms
88ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/eu01/s.gif?account_id=921607&u=D06EDD15108E355B050B96B5AED675D64&s=1721574816&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1721574817122%2C%22tO%22%3A10%2C%22tz%22%3A%22Pacific%2FHonolulu%22%7D&cu=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D739cc83c252c17abe1738be1020df0a9&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1721574816135&v=d06c05a4b

Requested by

Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gbel2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 15:13:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gbel2c
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
BLOB 200
OK 1b113f3d-0b0c-44b9-8de1-65f22c9e07a3
https://friends-with-benefits.com/ 259 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://friends-with-benefits.com/1b113f3d-0b0c-44b9-8de1-65f22c9e07a3
Requested by: Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=739cc83c252c17abe1738be1020df0a9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f5e94811080c04f09cacb2c61db320f8aa8dcde01d45f086ef72c8af58aa0c1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 265273
Content-Type: application/javascript

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 22ms
21ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=921607&settings_type=1&vn=&eventArch=1&uuid=&ec=1187749&exc=3|6
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: 7df378f475bf1ded9b563b607c6c5f91e20cabaa1f8e93d480af98cdf9499aa8

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:36 GMT
content-encoding: gzip
via: 1.1 google
server: gnv2
etag: W/"1721493096_EA"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET collect
friends-with-benefits.com/gtm-server/g/ 0
0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 19ms
19ms Script
application/javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myzbm75krd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:38 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240721T151338Z-15b94bb6ff9l2slhr3ee6x866g0000000fmg00000000az17
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 19a40f54-801e-0015-1438-d83968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 nc-a9dbfbedffc9ab437cee43af0b53c5babr.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 9 KB
3 KB 25ms
25ms XHR
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/nc-a9dbfbedffc9ab437cee43af0b53c5babr.js
Requested by: Host: hdj498.blogspot.com
URL: https://hdj498.blogspot.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2 /
Resource Hash: f2b19452ba4fc065cbed1167581ad6c5bc3b2829befe782a46457ce5ca069f74

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 20 Jul 2024 16:31:24 GMT
server: gnv2
etag: "669be65c-cc3"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&RedC=c.clarity.ms&MXFR=0CC94813EC7363A00D8F5CD0E8736D62
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&MUID=0D874E31073960D506B15AF2064B61C1

42 B
441 B

20ms
19ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&MUID=0D874E31073960D506B15AF2064B61C1
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 15:13:37 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
server: Microsoft-IIS/10.0
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Jul 2024 15:13:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0970D435794F409CA8C3EBEA02103A6C Ref B: EWR30EDGE0806 Ref C: 2024-07-21T15:13:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFE5604759942D8BEEFFE936F4D3E93&MUID=0D874E31073960D506B15AF2064B61C1
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
lpimg.friends-with-benefits.com/domain/ 3 KB
4 KB 20ms
19ms Other
image/webp 2600:1408:c400:9::17cd:69b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lpimg.friends-with-benefits.com/domain/RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b2 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048

Request headers

Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 15:13:38 GMT
last-modified: Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id: VQ9EH6CEQ7VKQVAN
etag: "e45933ca76ee03645f55c6de6410bdca"
content-type: image/webp
cache-control: max-age=5403095
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1721574818215_400219570_470785970_246_1412_20_0_219";dur=1
accept-ranges: bytes
content-length: 3306
x-amz-id-2: SYWd8IxRUyoAGPPmXjXUmkAlpTHEhmqt8j3AahOvU8t8EVt0hyLzKKqxoIqiT7Ogvk5Sul0UxTc=

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
289 B 120ms
54ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://friends-with-benefits.com
Date: Sun, 21 Jul 2024 15:13:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
289 B 23ms
21ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://friends-with-benefits.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://friends-with-benefits.com
Date: Sun, 21 Jul 2024 15:13:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: friends-with-benefits.com
URL: https://friends-with-benefits.com/gtm-server/g/collect?v=2&tid=G-EN5YHWKKJL&gtm=45je47h0v9115575705z879004183za200zb79004183&_p=1721574816542&gcs=G100&gcd=13p3p3p3p7&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1676045979.1721574817&ecid=1106500446&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1323814105.1721574817&sst.gcd=13p3p3p3p7&sst.adr=1&sst.tft=1721574816542&sst.ude=0&_s=1&sid=1721574816&sct=1&seg=0&dl=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D739cc83c252c17abe1738be1020df0a9&dt=Friends-with-benefits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.ga4_id=G-EN5YHWKKJL&tfd=1341&richsstsse

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trk.securedconfirm.com/	1970-01-20 22:57:33	Name: enc_aff_session_9226 Value: ENC03ec7c0d166c928685ff78badf1b06caa7f25730a75f1d78ca53acdffb4d8371e5180100004163b309611f7951ac53e70817f62cd1f71c94293c508b19a03d04a9c1fa6ddbed134c4b0f1891b21a86f6d8d1d1be6f7654000261574d83e26d6626cf1887e44a560c8bac7481f3b326f427378a811176928b6e335898a44f20f1fb13ea7635
trk.securedconfirm.com/	1970-01-21 07:48:54	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
my.link23456.com/	1970-01-20 22:56:06	Name: U-532b81fa223a1b1ec74139a5b8151d12 Value: unique
my.link23456.com/	1970-01-21 00:22:30	Name: o_532b81fa223a1b1ec74139a5b8151d12 Value: a2e89b6e-d64c-4e4f-88a4-5cee6c32ade0
friends-with-benefits.com/	1970-01-20 22:22:59	Name: AWSALB Value: sDAXkWWvlwmmnZbetYPXJUAt5YwjjfjVAdydvqCAZUA9uIVJO9k/mrcrzzR6JkvGCu766xfY7XcFs8nAKgwjB7DoYR74FaZv2tmWXZKCnJZdpliawVKsKLSXeHGi
friends-with-benefits.com/	1970-01-20 22:22:59	Name: AWSALBCORS Value: sDAXkWWvlwmmnZbetYPXJUAt5YwjjfjVAdydvqCAZUA9uIVJO9k/mrcrzzR6JkvGCu766xfY7XcFs8nAKgwjB7DoYR74FaZv2tmWXZKCnJZdpliawVKsKLSXeHGi
.friends-with-benefits.com/	1970-01-21 06:59:57	Name: _vwo_uuid_v2 Value: D06EDD15108E355B050B96B5AED675D64\|07d9298dac64421e788afe32f332118a
.friends-with-benefits.com/	1970-01-21 07:48:54	Name: _vwo_uuid Value: D06EDD15108E355B050B96B5AED675D64
.friends-with-benefits.com/	1970-01-21 00:22:30	Name: _vwo_ds Value: 3%241721574816%3A10.24599525%3A%3A
.friends-with-benefits.com/	1970-01-20 22:12:56	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.friends-with-benefits.com/	1970-01-21 00:36:54	Name: _vis_opt_s Value: 1%7C
.friends-with-benefits.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
www.clarity.ms/	1970-01-21 06:58:30	Name: CLID Value: 4577a6a7eb0b4b02adc98c2da3896366.20240721.20250721
.friends-with-benefits.com/	1970-01-21 06:58:30	Name: _clck Value: 1nryln%7C2%7Cfnn%7C0%7C1663
.bing.com/	1970-01-21 07:34:30	Name: MUID Value: 0D874E31073960D506B15AF2064B61C1
.c.bing.com/	1970-01-20 22:22:59	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:34:30	Name: SRM_B Value: 0D874E31073960D506B15AF2064B61C1
.friends-with-benefits.com/	1970-01-20 22:14:21	Name: _clsk Value: kqvcum%7C1721574818402%7C1%7C1%7Ct.clarity.ms%2Fcollect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:34:30	Name: MUID Value: 0D874E31073960D506B15AF2064B61C1
.c.clarity.ms/	1970-01-20 22:22:59	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:12:55	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
candymtch.site
cdn.friends-with-benefits.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
friends-with-benefits.com
hdj498.blogspot.ae
hdj498.blogspot.com
ka-f.fontawesome.com
kit.fontawesome.com
lpimg.friends-with-benefits.com
my.link23456.com
resources.blogblog.com
t.clarity.ms
trk.securedconfirm.com
www.blogger.com
www.clarity.ms
www.googletagmanager.com
www.gstatic.com
friends-with-benefits.com
162.255.119.48
18.198.93.216
20.110.205.119
20.114.189.70
2600:1408:c400:9::17cd:69b2
2600:1408:c400:9::17cd:69b8
2606:4700:3030::ac43:8b77
2606:4700:4400::6812:2844
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1f::5f
2607:f8b0:4004:c21::bf
2607:f8b0:400d:c01::61
2607:f8b0:400d:c09::84
2620:1ec:bdf::38
2620:1ec:c11::237
3.121.161.178
34.96.102.137
52.206.218.219
02f43997f9636af74fc2387245054f2e934ae4b62c5389833fb5b6cf2eeba6f5
07adf31b99cf37d1cbc1c21dbf1b885a71365790bacef7dd00c8ab0c6cff5f41
08e58ebcdc19cc74cb3a1c09dbf833e4a06e600495399c4d3c62a56c0c661d83
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
212ed6606fce6f02ad3057a40a69f09afff4cb15a433402684144ea7bd1e408d
377aae52a5574f2ba287101e6760b79eba3431c8dd93eb6b18a3833b844f1e9b
539b06bdc9c549a88fec7674b8b03e264f829756d6f76ef3b441d410d4b0816a
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
67bb2be6fdd9cf5ab7213b0611e0a9a59a2239509d3a61a2137ce51ac1df763b
6cc95456945cebcd27216c692dafb23e15a9206461b691f40798a94c7369768c
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
73fc865d857bce8328ce641deadc4d6faec0f7bf59d1e5ad9181390d2c0d622a
7df378f475bf1ded9b563b607c6c5f91e20cabaa1f8e93d480af98cdf9499aa8
7f5e94811080c04f09cacb2c61db320f8aa8dcde01d45f086ef72c8af58aa0c1
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81e6e6f544a2db83e611873b2b77745a20cb021929bbe2d6808ec08dfa6f16ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
995a30c618b3b3a3a379460039d9c949556eeaf26c470baeb39fcdd3d12923db
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a859243e16f4b34b1b9a8fd6195e5f28f4ea6381d82d8c9e31468f4a1eaab9cb
ab94d1cfc1e09aea0544b4e83c73264459a84b005b41ecc5f98c4256b56bda76
b1c9b96ac1e10e64f9a3b319298da97293681977c737ebe4cebfd5eb8507b855
b61e7fe807b13187a9ada0e9547662d4909a895e64fb46dd7c059a91a4afc6a5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8
c9db2cc35e47bf8dd3945662608d104ca8d0a7a5d53129bdd48aa58f3e0e0d0f
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2
f2b19452ba4fc065cbed1167581ad6c5bc3b2829befe782a46457ce5ca069f74
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

friends-with-benefits.com Open in urlscan Pro 3.121.161.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

63 %IPv6

15 Domains

21 Subdomains

17 IPs

2 Countries

674 kBTransfer

2178 kBSize

22 Cookies

9 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

friends-with-benefits.com Open in urlscan Pro
3.121.161.178 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

63 %
IPv6

15
Domains

21
Subdomains

17
IPs

2
Countries

674 kB
Transfer

2178 kB
Size

22
Cookies

41 HTTP transactions
0 data transactions