urlscan.io logo urlscan.io
SecurityTrails logo

friends-with-benefits.com Open in urlscan Pro
35.158.45.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ndi8m.blogspot.com/
Effective URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee...
Submission: On July 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 39 HTTP transactions. The main IP is 35.158.45.94, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is friends-with-benefits.com. The Cisco Umbrella rank of the primary domain is 743681.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 29th 2023. Valid for: a year.
This is the only time friends-with-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 162.255.119.48 22612 (NAMECHEAP...)
1 1 52.206.218.219 14618 (AMAZON-AES)
1 18.198.93.216 16509 (AMAZON-02)
2 35.158.45.94 16509 (AMAZON-02)
12 2600:1408:ec0... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
7 34.96.102.137 396982 (GOOGLE-CL...)
2 23.96.124.68 8075 (MICROSOFT...)
39 14
1    2607:f8b0:400d:c00::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
ndi8m.blogspot.com
1    2607:f8b0:400d:c02::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:400d:c00::bf (Morganton, United States)

ASN15169 (GOOGLE, US)
resources.blogblog.com
www.blogger.com
1    162.255.119.48 (United States)

ASN22612 (NAMECHEAP-NET, US)
candymtch.site
1    52.206.218.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-218-219.compute-1.amazonaws.com
trk.securedconfirm.com
1    18.198.93.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-93-216.eu-central-1.compute.amazonaws.com
my.link23456.com
2    35.158.45.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-45-94.eu-central-1.compute.amazonaws.com
friends-with-benefits.com
12    2600:1408:ec00:17::17d7:91 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.friends-with-benefits.com
2    2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:1408:c400:25::17da:d9b7 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
lpimg.friends-with-benefits.com
1    2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:1ec:29:1::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.clarity.ms
Apex Domain
Subdomains		 Transfer
17 friends-with-benefits.com
friends-with-benefits.com — Cisco Umbrella Rank: 743681
cdn.friends-with-benefits.com
lpimg.friends-with-benefits.com
400 KB
7 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
144 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
s.clarity.ms — Cisco Umbrella Rank: 8495
28 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
184 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
37 KB
1 link23456.com
my.link23456.com
27 KB
1 securedconfirm.com
trk.securedconfirm.com
2 KB
1 candymtch.site
candymtch.site
278 B
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9911
51 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 24546
46 KB
1 blogspot.com
ndi8m.blogspot.com
14 KB
39 12
Domain Requested by
12 cdn.friends-with-benefits.com friends-with-benefits.com
7 dev.visualwebsiteoptimizer.com ndi8m.blogspot.com
friends-with-benefits.com
3 lpimg.friends-with-benefits.com friends-with-benefits.com
2 s.clarity.ms www.clarity.ms
2 www.clarity.ms ndi8m.blogspot.com
www.clarity.ms
2 www.googletagmanager.com friends-with-benefits.com
www.googletagmanager.com
2 fonts.googleapis.com friends-with-benefits.com
2 friends-with-benefits.com my.link23456.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 my.link23456.com ndi8m.blogspot.com
1 trk.securedconfirm.com 1 redirects
1 candymtch.site 1 redirects
1 www.blogger.com ndi8m.blogspot.com
1 resources.blogblog.com ndi8m.blogspot.com
1 www.gstatic.com ndi8m.blogspot.com
1 ndi8m.blogspot.com
39 16

This site contains links to these domains. Also see Links.

Domain
policies.google.com
privacy.microsoft.com
help.twitter.com
stripcash.com
www.awempire.com
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.blogger.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ph.guardlnkcaptcha.com
Amazon RSA 2048 M02		 2024-02-14 -
2025-03-15		 a year crt.sh
friends-with-benefits.com
Amazon RSA 2048 M02		 2023-11-29 -
2024-12-27		 a year crt.sh
cdn.friends-with-benefits.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
lpimg.friends-with-benefits.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Frame ID: 72E43FC981DBAFF79A6DBC2BAFFF10B0
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Friends-with-benefits

Page URL History Show full URLs

  1. https://ndi8m.blogspot.com/ Page URL
  2. http://candymtch.site/ HTTP 307
    https://candymtch.site/ HTTP 307
    http://candymtch.site/ HTTP 302
    https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
    https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_ Page URL
  3. https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracki... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

60 %
IPv6

12
Domains

16
Subdomains

14
IPs

2
Countries

932 kB
Transfer

2361 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ndi8m.blogspot.com/ Page URL
  2. http://candymtch.site/ HTTP 307
    https://candymtch.site/ HTTP 307
    http://candymtch.site/ HTTP 302
    https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
    https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_ Page URL
  3. https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://candymtch.site/ HTTP 307
  • https://candymtch.site/ HTTP 307
  • http://candymtch.site/ HTTP 302
  • https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
  • https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ndi8m.blogspot.com/ 		62 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
13758
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 07:01:40 GMT
etag
W/"099eaf7c0de7aea97ffbda2758d712ccc7600ff68d0f4310573fab3d353c7d50"
expires
Tue, 23 Jul 2024 07:01:40 GMT
last-modified
Wed, 13 Mar 2024 10:19:09 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ndi8m.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3475
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 23 Jul 2024 07:01:40 GMT
4194078042-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/4194078042-indie_compiled.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::bf Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ndi8m.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 12:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46778
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 22:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 28 Jul 2024 12:03:57 GMT
4118640461-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/4118640461-widgets.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::bf Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ndi8m.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51331
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 22:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 21 Jul 2025 01:22:36 GMT
click
my.link23456.com/
Redirect Chain
  • http://candymtch.site/
  • https://candymtch.site/
  • http://candymtch.site/
  • https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760
  • https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_
26 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.93.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-93-216.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash

Request headers

Referer
https://ndi8m.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 07:01:44 GMT
server
nginx/1.24.0

Redirect headers

Accept-CH
Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 23 Jul 2024 07:01:43 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102b0b48ee96b2742ac2bb81c8cec4
X-Request-Id
81e9f87703b914f29c277f8257260a1b
Primary Request /
friends-with-benefits.com/lp/pre-jar-int-nak-btn/ 		42 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Requested by
Host: my.link23456.com
URL: https://my.link23456.com/click?o=3720&a=1508&sub_id1=102b0b48ee96b2742ac2bb81c8cec4&sub_id3=DLO-8760_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.45.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-45-94.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7f9dc076e5577335f3378b0613c36ac507013aca45a11b028ee1c829f0cbd458

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 07:01:45 GMT
geo_city
New York
server
nginx
vary
Accept-Encoding
jquery.min.397754ba49e9e0cf4e7c190da78dda05.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/jquery.min.397754ba49e9e0cf4e7c190da78dda05.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:31 GMT
etag
W/"668680cf-169d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=361575
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105534_399898257_427088432_13_502_13_0_219";dur=1
content-length
32772
css
fonts.googleapis.com/ 		3 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald|Raleway
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 07:01:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jul 2024 07:01:45 GMT
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 05:09:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jul 2024 07:01:45 GMT
styles.074781273e726c700a9f359458196e04.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/css/styles.074781273e726c700a9f359458196e04.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
W/"6686806e-3c97"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=297016
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105534_399898257_427088431_11_525_13_111_255";dur=1
content-length
3461
tests.9d58efc456f03751102365e373d75df3.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/tests.9d58efc456f03751102365e373d75df3.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-112e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=524738
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105534_399898257_427088433_12_529_13_0_219";dur=1
content-length
1525
style.8933a3397c7af8ba9899ffaa5718be4c.css
cdn.friends-with-benefits.com/lp/assets/prelanding/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/css/style.8933a3397c7af8ba9899ffaa5718be4c.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749a20ef4dc934f607705f66f3d848553cbc11f20611a5868ba71564b1ef38dd

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
W/"6686806e-1cf9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=580026
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105410_399898257_427088430_14_521_13_111_255";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1977
close.8c78db28b5a3f198d980d880fa39d3c1.png
cdn.friends-with-benefits.com/lp/assets/common/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/images/close.8c78db28b5a3f198d980d880fa39d3c1.png
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Tue, 04 Jun 2024 13:08:03 GMT
etag
"665f11b3-af1"
geo_city
Boydton
content-type
image/png
cache-control
max-age=1292762
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105535_399898257_427088434_22_372_13_0_182";dur=1
accept-ranges
bytes
content-length
2801
radar-scanner.78b803a76793d8269b3c25b9e138f987.gif
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/radar-scanner.78b803a76793d8269b3c25b9e138f987.gif
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Sat, 29 Jun 2024 08:25:10 GMT
etag
"667fc4e6-1905f"
geo_city
Summerville
content-type
image/gif
cache-control
max-age=543060
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105535_399898257_427088435_24_335_13_0_182";dur=1
accept-ranges
bytes
content-length
102495
common.e75f6cb49ca52e4d03896beea90dfe08.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/common.e75f6cb49ca52e4d03896beea90dfe08.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
69be9d8f56dd602423287452cf499613dfb32dda7cbf12a0e9edcc23a41c85b7

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 10:58:56 GMT
etag
W/"66868070-4fdb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=457736
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105562_399898257_427088487_8_356_13_0_182";dur=1
content-length
5805
prelanding.ca918634e523cd632838925a2e57b422.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		2 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/prelanding.ca918634e523cd632838925a2e57b422.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8bd590ce60c4462f9d9c9679d94b9f7b8a4688fd8df9506a4bdac498310c7fe7

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-7b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=254897
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105583_399898257_427088545_7_446_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
783
quic-version
0x00000001
loader.1e4843b51481a2e2237edb7251524bbb.js
cdn.friends-with-benefits.com/lp/assets/prelanding/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/js/loader.1e4843b51481a2e2237edb7251524bbb.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4564832033acb72c0883877783189fc55f157b146f35c8dfcb659a9250c2ca5f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:50 GMT
etag
W/"668680e2-c78"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=413917
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105590_399898257_427088550_6_361_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1103
quic-version
0x00000001
gtm.js
www.googletagmanager.com/ 		274 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72d71cdac4f1555c6fa464a4f2824b71f4c23694b1340f437f9dad93de4edbd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96823
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jul 2024 07:01:45 GMT
OVx9x5uSrzvhakAGJfI2kJPrxviS1uiN9s5gTI2m.webp
lpimg.friends-with-benefits.com/template/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/template/OVx9x5uSrzvhakAGJfI2kJPrxviS1uiN9s5gTI2m.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:25::17da:d9b7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
16f717b0b79cdb75671b229fbba962b4676e5ce9cf0c61ecccf50635564088f5

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Mon, 31 Oct 2022 08:52:17 GMT
x-amz-request-id
07G3N0PJTNW835RZ
etag
"34e88832a8f11c052bd6cb98f468540b"
content-type
image/webp
cache-control
max-age=4685503
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105726_400425399_34093161_99_1088_13_23_219";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
128046
x-amz-id-2
AT7SI2R+BD5RyOEghgDUd41HhKEhY+l/PpbkdG2TncayAHas2FdwIy2Vt1VEEYSFQgA75I+579A=
PwRQzXtIlD6D5j6bwIbtNApRTvTxuUQ1oSytRFz0.webp
lpimg.friends-with-benefits.com/template/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/template/PwRQzXtIlD6D5j6bwIbtNApRTvTxuUQ1oSytRFz0.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:25::17da:d9b7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ff512665a0db3d5b9edbfdc6395c7fb812f1458c2ae2e93ddb426dcd2c2675f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Mon, 31 Oct 2022 08:52:17 GMT
x-amz-request-id
045BYQ1RY8B8MKNR
etag
"0f297449fd0de6b7b3f23677185088b3"
content-type
image/webp
cache-control
max-age=4751863
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105752_400425399_34093162_77_1078_13_0_219";dur=1
accept-ranges
bytes
content-length
77812
x-amz-id-2
suedA1bfChE1N3xICVeTa1aSB4ATT/Htls/e7rbCrqRrAdiH9t8R4zOhfEOOiz9u9T2MTu/a7lg=
warning.123594de630aba4fb44d23e3c906166a.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		650 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/warning.123594de630aba4fb44d23e3c906166a.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
559a1ddfc2fd25a689d728d9d8b6433d6fe062b1f6af304b2d8b979c93b83d66

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Mon, 01 Jul 2024 06:41:57 GMT
etag
"66824fb5-28a"
geo_city
Annandale
content-type
image/webp
cache-control
max-age=757223
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105604_399898257_427088585_6_432_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
650
quic-version
0x00000001
sos.f86431f76723924286832e8461fae35b.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/sos.f86431f76723924286832e8461fae35b.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
383772cf6f8abbac578f4e352709526e0e34ec807550d6bf388d4d7ac12909bd

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Fri, 28 Jun 2024 20:17:52 GMT
etag
"667f1a70-71e"
geo_city
Plympton-Wyoming
content-type
image/webp
cache-control
max-age=486109
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105605_399898257_427088586_6_421_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1822
quic-version
0x00000001
bgprofiles.8134f4273e1a8706fa281f7452d02e0e.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/bgprofiles.8134f4273e1a8706fa281f7452d02e0e.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2600:1408:ec00:17::17d7:91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3bbffbf7cfdc47dba07b10e697b5a42da8f3aff2824bee2a0c39ea475c4fa63a

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
"6686806e-7e6e"
geo_city
Wilmington
content-type
image/webp
cache-control
max-age=1504097
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718105606_399898257_427088587_8_412_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
32366
quic-version
0x00000001
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends-with-benefits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 02:11:38 GMT
x-content-type-options
nosniff
age
449407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jul 2025 02:11:38 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a009bb0633bd4aa46d8f79ce3557f87a93970713aa47bdb740325497bcd71332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90961
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jul 2024 07:01:45 GMT
myzbm75krd
www.clarity.ms/tag/ 		868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/myzbm75krd
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2074523d879d5d9b3f924449abedc585a7dad2d5a766feca68a1322c5d24635

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Tue, 23 Jul 2024 07:01:45 GMT
x-azure-ref
20240723T070145Z-17f67b96dd5jq6rqtyk2f9fcgs0000000k8g000000003x8g
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
868
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
j.php
dev.visualwebsiteoptimizer.com/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=921607&u=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D711f140d6fb0ee51bce3efdb3529318b&vn=2.1&x=true
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
cf2b63d7225b083803f539636c4a1d35e9404a1b69ee754fe53f10ab0fe2f215

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
via
1.1 google
server
gnv2
etag
W/"1721659995_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://friends-with-benefits.com
cache-control
public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
worker-c915ab823ebd563abf66a77e2c3deb39br.js
dev.visualwebsiteoptimizer.com/edrv/ 		258 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/worker-c915ab823ebd563abf66a77e2c3deb39br.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
96dd3fd9e04ac5cb0210f57259834db79ab00b369a068c31139e984d880bb984

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 22 Jul 2024 14:52:59 GMT
server
gnv2
etag
"669e724b-fa31"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64049
va_gq-89d8d0d604c1769f3757e94bafcdb6babr.js
dev.visualwebsiteoptimizer.com/edrv/ 		265 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-89d8d0d604c1769f3757e94bafcdb6babr.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
200ddaa7e651aad5bd3ab189ba1c4e5d5e1f708312b6aeaa6770fdff90c8d109

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:44 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 22 Jul 2024 14:53:00 GMT
server
gnv2
etag
"669e724c-11286"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70278
v.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=921607&d=friends-with-benefits.com&u=D1D409BD1111FD9E3308CA46CB5E80CEC&h=1a13ad468dda86c1c0b67fd5087c791e&t=false
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel2c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel2c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myzbm75krd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
br
last-modified
Sun, 21 Jul 2024 14:04:16 GMT
etag
W/"0x8DCA98E022AFB67"
vary
Accept-Encoding
x-azure-ref
20240723T070145Z-17f67b96dd5jq6rqtyk2f9fcgs0000000k8g000000003x8k
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d2e5d483-601e-0050-4080-dbec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
131e7d88-7e7f-4a7e-ab0d-c451625986d0
https://friends-with-benefits.com/ 		259 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://friends-with-benefits.com/131e7d88-7e7f-4a7e-ab0d-c451625986d0
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9b9142b8134bedb8b3f3a77909620f2b22cc9f16bb007a51b09eb8c0f00e67e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
265302
Content-Type
application/javascript
s.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/s.gif?account_id=921607&u=D1D409BD1111FD9E3308CA46CB5E80CEC&s=1721718105&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1721718105970%2C%22tO%22%3A10%2C%22tz%22%3A%22Pacific%2FHonolulu%22%7D&cu=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D711f140d6fb0ee51bce3efdb3529318b&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1721718105984&v=ff5cfb64d
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jul 2024 07:01:46 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel1c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Tue, 23 Jul 2024 07:01:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=921607&settings_type=1&vn=&eventArch=1&uuid=&ec=1187749&exc=3|6
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
8614c74786d8ff09c919c64ebeb01e98a01ba963aba1b66ec717e5274610cf4b

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:45 GMT
content-encoding
gzip
via
1.1 google
server
gnv2
etag
W/"1721659995_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nc-540af4cba28831db620b515dd2c40441br.js
dev.visualwebsiteoptimizer.com/edrv/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-540af4cba28831db620b515dd2c40441br.js
Requested by
Host: ndi8m.blogspot.com
URL: https://ndi8m.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
4561f6053ad79d7d78d38d2563dc345fe5118965ef7aa32bb525ab1529e9c5d9

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:46 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 22 Jul 2024 14:53:00 GMT
server
gnv2
etag
"669e724c-cbc"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3260
RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
lpimg.friends-with-benefits.com/domain/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lpimg.friends-with-benefits.com/domain/RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:25::17da:d9b7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:46 GMT
last-modified
Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id
PGRQQRT6K6B0RZ6M
etag
"e45933ca76ee03645f55c6de6410bdca"
content-type
image/webp
cache-control
max-age=5209139
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721718106113_400425399_34093242_45_877_21_0_219";dur=1
accept-ranges
bytes
content-length
3306
x-amz-id-2
cpDuxa/U1GswM0SpsfO7X4ucx9+aoo12xpj7caopdq4qD0R/r36zD0YXdGBOuf206PTqEao/Eck=
collect
friends-with-benefits.com/gtm-server/g/ 		65 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/gtm-server/g/collect?v=2&tid=G-EN5YHWKKJL&gtm=45je47h0v9115575705z879004183za200zb79004183&_p=1721718105304&gcs=G100&gcd=13p3p3p3p7&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1327405543.1721718106&ecid=1330301360&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=1069633919.1721718106&sst.gcd=13p3p3p3p7&sst.adr=1&sst.tft=1721718105304&sst.ude=0&_s=1&sid=1721718105&sct=1&seg=0&dl=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3D711f140d6fb0ee51bce3efdb3529318b&dt=Friends-with-benefits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.ga4_id=G-EN5YHWKKJL&tfd=1545&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.158.45.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-45-94.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/lp/pre-jar-int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=711f140d6fb0ee51bce3efdb3529318b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Tue, 23 Jul 2024 07:01:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| detectAdBlock function| showAdblockPopupIfDetected function| loadScript function| scriptLoadError function| mainScriptLoadError function| sleep function| getHostnameWithProtocol function| $ function| jQuery function| _0x8312 function| _0x5b66 object| TESTS string| domain object| oauth_providers string| oauth_url string| finish_text object| email_autofill_domains string| homepage_uri boolean| show_cookie_box number| latitude number| longitude string| locale object| isTest string| redirectTo function| _0x54a8bb function| _0x32c6 function| _0x5a21 object| Cookie object| CookieBox object| Placeholder function| _0x1c26 function| _0xb7b6f7 function| _0x2067 function| addRedirectionEventToSubmitButtons function| _0x15d6 function| _0x1884 object| google_tag_manager object| google_tag_data function| clarity object| code object| _vwo_code number| _vwo_settings_timer object| _VWO string| _vwo_mt string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue object| VWOOmni string| _vwo_cdn_url number| _vwo_library_timer string| _vis_opt_lib object| mainThread function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s object| _vwo_exp string| _vwo_uuid function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa boolean| vwo_libExecuted object| gaGlobal

14 Cookies

Domain/Path Name / Value
trk.securedconfirm.com/ Name: enc_aff_session_9226
Value: ENC0389db6acbde186c8bec496a2817723151ebc164c043f6b1623a2419daa429f946edc503e80ead8bf694ba75f7d63088647f773997eb5531dd5d9199c36d1c501951e9413ef39e95dd799c3a9b71ccbd4a989bf5b0d9ee2caffc34758f5141ebcdbdf03ebc234ea0c48391a83b7af9b85aa16e90d1e48f197b1f079620f08989d215db7eee
trk.securedconfirm.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
my.link23456.com/ Name: U-532b81fa223a1b1ec74139a5b8151d12
Value: unique
my.link23456.com/ Name: o_532b81fa223a1b1ec74139a5b8151d12
Value: aef83af6-5b6c-40f4-9cee-1832b728cde7
.friends-with-benefits.com/ Name: _vwo_uuid_v2
Value: D1D409BD1111FD9E3308CA46CB5E80CEC|1a13ad468dda86c1c0b67fd5087c791e
.friends-with-benefits.com/ Name: _clck
Value: 154c0db%7C2%7Cfnp%7C0%7C1665
.friends-with-benefits.com/ Name: _vwo_uuid
Value: D1D409BD1111FD9E3308CA46CB5E80CEC
.friends-with-benefits.com/ Name: _vwo_ds
Value: 3%241721718105%3A68.84244716%3A%3A
.friends-with-benefits.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.friends-with-benefits.com/ Name: _vis_opt_s
Value: 1%7C
.friends-with-benefits.com/ Name: _vis_opt_test_cookie
Value: 1
.friends-with-benefits.com/ Name: _clsk
Value: 1m7ejsc%7C1721718106234%7C1%7C1%7Cs.clarity.ms%2Fcollect
friends-with-benefits.com/ Name: AWSALB
Value: Es+Xde33mPMUSni/Fe26aDPgUI8pyExX9v1jWBdaEppen/7A+xIB18qykfNSYQkqhSXNUTqmARvZMHF3EAxo39PtxvPnG7Io2sGlMpeRbdudUaTHLuTPiKAx9REmVOB0u3PVOi8qINIO5C8VzEYoiJ97IoeyZXJwvwdH8bMWMZcYrGM1YJNJYCR9eNtJMA==
friends-with-benefits.com/ Name: AWSALBCORS
Value: Es+Xde33mPMUSni/Fe26aDPgUI8pyExX9v1jWBdaEppen/7A+xIB18qykfNSYQkqhSXNUTqmARvZMHF3EAxo39PtxvPnG7Io2sGlMpeRbdudUaTHLuTPiKAx9REmVOB0u3PVOi8qINIO5C8VzEYoiJ97IoeyZXJwvwdH8bMWMZcYrGM1YJNJYCR9eNtJMA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candymtch.site
cdn.friends-with-benefits.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
friends-with-benefits.com
lpimg.friends-with-benefits.com
my.link23456.com
ndi8m.blogspot.com
resources.blogblog.com
s.clarity.ms
trk.securedconfirm.com
www.blogger.com
www.clarity.ms
www.googletagmanager.com
www.gstatic.com
162.255.119.48
18.198.93.216
23.96.124.68
2600:1408:c400:25::17da:d9b7
2600:1408:ec00:17::17d7:91
2607:f8b0:400d:c00::84
2607:f8b0:400d:c00::bf
2607:f8b0:400d:c02::5e
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c09::5f
2620:1ec:29:1::38
34.96.102.137
35.158.45.94
52.206.218.219
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
16f717b0b79cdb75671b229fbba962b4676e5ce9cf0c61ecccf50635564088f5
200ddaa7e651aad5bd3ab189ba1c4e5d5e1f708312b6aeaa6770fdff90c8d109
383772cf6f8abbac578f4e352709526e0e34ec807550d6bf388d4d7ac12909bd
3bbffbf7cfdc47dba07b10e697b5a42da8f3aff2824bee2a0c39ea475c4fa63a
4561f6053ad79d7d78d38d2563dc345fe5118965ef7aa32bb525ab1529e9c5d9
4564832033acb72c0883877783189fc55f157b146f35c8dfcb659a9250c2ca5f
559a1ddfc2fd25a689d728d9d8b6433d6fe062b1f6af304b2d8b979c93b83d66
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
69be9d8f56dd602423287452cf499613dfb32dda7cbf12a0e9edcc23a41c85b7
6ff512665a0db3d5b9edbfdc6395c7fb812f1458c2ae2e93ddb426dcd2c2675f
72d71cdac4f1555c6fa464a4f2824b71f4c23694b1340f437f9dad93de4edbd4
749a20ef4dc934f607705f66f3d848553cbc11f20611a5868ba71564b1ef38dd
7f9dc076e5577335f3378b0613c36ac507013aca45a11b028ee1c829f0cbd458
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8614c74786d8ff09c919c64ebeb01e98a01ba963aba1b66ec717e5274610cf4b
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
8bd590ce60c4462f9d9c9679d94b9f7b8a4688fd8df9506a4bdac498310c7fe7
96dd3fd9e04ac5cb0210f57259834db79ab00b369a068c31139e984d880bb984
a009bb0633bd4aa46d8f79ce3557f87a93970713aa47bdb740325497bcd71332
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317
c9b9142b8134bedb8b3f3a77909620f2b22cc9f16bb007a51b09eb8c0f00e67e
cf2b63d7225b083803f539636c4a1d35e9404a1b69ee754fe53f10ab0fe2f215
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048
e2074523d879d5d9b3f924449abedc585a7dad2d5a766feca68a1322c5d24635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64