urlscan.io logo urlscan.io
SecurityTrails logo

friends-with-benefits.com Open in urlscan Pro
18.159.114.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=did...
Effective URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w...
Submission: On July 31 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 37 HTTP transactions. The main IP is 18.159.114.6, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is friends-with-benefits.com. The Cisco Umbrella rank of the primary domain is 743681.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 29th 2023. Valid for: a year.
This is the only time friends-with-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.147.39 13335 (CLOUDFLAR...)
1 2 3.162.103.126 16509 (AMAZON-02)
1 99.84.191.40 16509 (AMAZON-02)
2 18.159.114.6 16509 (AMAZON-02)
2 142.250.31.97 15169 (GOOGLE)
12 23.53.35.241 20940 (AKAMAI-ASN1)
2 172.253.63.95 15169 (GOOGLE)
3 23.53.35.229 20940 (AKAMAI-ASN1)
1 142.251.16.94 15169 (GOOGLE)
7 34.96.102.137 396982 (GOOGLE-CL...)
2 13.107.246.40 8075 (MICROSOFT...)
2 172.175.234.12 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 13.107.21.237 8068 (MICROSOFT...)
37 13
1    172.67.147.39 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cust247.com
2    3.162.103.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-126.iad61.r.cloudfront.net
www.totallylink.com
1    99.84.191.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-40.iad89.r.cloudfront.net
www.realinternetspeed.com
2    18.159.114.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-114-6.eu-central-1.compute.amazonaws.com
friends-with-benefits.com
2    142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net
www.googletagmanager.com
12    23.53.35.241 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-241.deploy.static.akamaitechnologies.com
cdn.friends-with-benefits.com
2    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
fonts.googleapis.com
3    23.53.35.229 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-35-229.deploy.static.akamaitechnologies.com
lpimg.friends-with-benefits.com
1    142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
7    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
17 friends-with-benefits.com
friends-with-benefits.com — Cisco Umbrella Rank: 743681
cdn.friends-with-benefits.com
lpimg.friends-with-benefits.com
400 KB
7 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
145 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
n.clarity.ms — Cisco Umbrella Rank: 16846
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
184 KB
2 totallylink.com
www.totallylink.com
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
1 gstatic.com
fonts.gstatic.com
33 KB
1 realinternetspeed.com
www.realinternetspeed.com
738 B
1 cust247.com
cdn.cust247.com
714 B
37 10
Domain Requested by
12 cdn.friends-with-benefits.com friends-with-benefits.com
7 dev.visualwebsiteoptimizer.com www.totallylink.com
friends-with-benefits.com
3 lpimg.friends-with-benefits.com friends-with-benefits.com
2 c.clarity.ms 1 redirects
2 n.clarity.ms www.clarity.ms
2 www.clarity.ms www.totallylink.com
www.clarity.ms
2 fonts.googleapis.com friends-with-benefits.com
2 www.googletagmanager.com friends-with-benefits.com
www.googletagmanager.com
2 friends-with-benefits.com www.googletagmanager.com
2 www.totallylink.com 1 redirects
1 c.bing.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 www.realinternetspeed.com
1 cdn.cust247.com 1 redirects
37 14

This site contains links to these domains. Also see Links.

Domain
policies.google.com
privacy.microsoft.com
help.twitter.com
stripcash.com
www.awempire.com
Subject Issuer Validity Valid
www.totallylink.com
Amazon RSA 2048 M03		 2024-04-16 -
2025-05-15		 a year crt.sh
www.realinternetspeed.com
Amazon RSA 2048 M03		 2024-04-16 -
2025-05-15		 a year crt.sh
friends-with-benefits.com
Amazon RSA 2048 M02		 2023-11-29 -
2024-12-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdn.friends-with-benefits.com
E5		 2024-07-25 -
2024-10-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
lpimg.friends-with-benefits.com
E5		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Frame ID: 9B8074F588698A2B473BFC7EA0A1BE45
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Friends-with-benefits

Page URL History Show full URLs

  1. http://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&s... HTTP 307
    https://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&s... HTTP 302
    https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc?source=11&subid=cf-30&email=didier_vnf5... HTTP 307
    https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vn... Page URL
  2. https://www.realinternetspeed.com/redirect?target=BASE64aHR0cHM6Ly9mcmllbmRzLXdpdGgtYmVuZWZpdHMuY29tL2xwL3ByZS... Page URL
  3. https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

795 kB
Transfer

1993 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr HTTP 307
    https://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr HTTP 302
    https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99 HTTP 307
    https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99 Page URL
  2. https://www.realinternetspeed.com/redirect?target=BASE64aHR0cHM6Ly9mcmllbmRzLXdpdGgtYmVuZWZpdHMuY29tL2xwL3ByZS1qYXItaW50LW5hay8_czE9Y2NpbnZmd2Jzb2lfY2FfZGVzayZzMj0zODlmODU5Ni1mZmVjLTQ2MDMtYmY0Yi0zNGViY2E2ZDgwZjUmdHJhY2tpbmdfaWQ9dzZ2NHJsNzUxOW9iYXQzMzNidm51MmNl&ts=1722402016330&hash=Sr2NyfQQINcRfwMWsX_WDHYaECeZbe1feG4za5j4mEY&rm=D Page URL
  3. https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr HTTP 307
  • https://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr HTTP 302
  • https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99 HTTP 307
  • https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Request Chain 33
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&RedC=c.clarity.ms&MXFR=115FAEF27B89614B18BABA3F7F896FEA HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&MUID=2410E7AED74466B51F1EF363D6EE6760

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
2
www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/
Redirect Chain
  • http://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr
  • https://cdn.cust247.com/clic.php?key=h72rrg31xcnfb7ub0njy&clickid=fe79c9cf55c34dc3b432a92a443173d5&subid=cf-30&email=didier_vnf55%40hotmail.fr
  • https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
  • https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
593 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-126.iad61.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 31 Jul 2024 05:00:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront)
x-amz-cf-id
NAF0w2xfndyO9JzKQAPqIalvRNYxsHVriQGRNdusUs8nZInZ2PYbFw==
x-amz-cf-pop
IAD61-P1
x-cache
Miss from cloudfront

Redirect headers

accept-ch
sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 31 Jul 2024 05:00:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
pragma
no-cache
server
nginx
via
1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront)
x-amz-cf-id
o9SebAcfbHIfRoAl_qGeI7IlQ96-d8DkqPn37gqYQBPyid4YGdhc_A==
x-amz-cf-pop
IAD61-P1
x-cache
Miss from cloudfront
redirect
www.realinternetspeed.com/ 		411 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.realinternetspeed.com/redirect?target=BASE64aHR0cHM6Ly9mcmllbmRzLXdpdGgtYmVuZWZpdHMuY29tL2xwL3ByZS1qYXItaW50LW5hay8_czE9Y2NpbnZmd2Jzb2lfY2FfZGVzayZzMj0zODlmODU5Ni1mZmVjLTQ2MDMtYmY0Yi0zNGViY2E2ZDgwZjUmdHJhY2tpbmdfaWQ9dzZ2NHJsNzUxOW9iYXQzMzNidm51MmNl&ts=1722402016330&hash=Sr2NyfQQINcRfwMWsX_WDHYaECeZbe1feG4za5j4mEY&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-40.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
cfadaecd26078c1ba9501c9014a450f951818712ff8052e92d0f41e98cc0a2d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 31 Jul 2024 05:00:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 237bd7e86f7f99cead16dc4ecb5fed20.cloudfront.net (CloudFront)
x-amz-cf-id
0stG2WM-GH80seGbBbpeW0ZibHP-flROwDMjR-lwncFhEA6GHvpmNQ==
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
Primary Request /
friends-with-benefits.com/lp/pre-jar-int-nak/ 		41 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.114.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-114-6.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7cc445fe3d7bacb1f74bce1dd12df8b711a40dcfdd467e5e9796fb86885f54ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 05:00:17 GMT
geo_city
Toronto
server
nginx
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f86ae9f0993d1befcbaa559c9830a1bb686d5d751bd95c019e04ce398bebc0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97061
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 05:00:17 GMT
jquery.min.397754ba49e9e0cf4e7c190da78dda05.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/jquery.min.397754ba49e9e0cf4e7c190da78dda05.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:31 GMT
etag
W/"668680cf-169d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=137365
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018037_389287857_1494141202_381_432_38_0_219";dur=1
content-length
32772
css
fonts.googleapis.com/ 		3 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald|Raleway
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 04:42:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 05:00:19 GMT
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 04:54:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 05:00:19 GMT
styles.074781273e726c700a9f359458196e04.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/css/styles.074781273e726c700a9f359458196e04.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2024 19:30:24 GMT
etag
W/"66a2a7d0-3c97"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=157468
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018034_389287857_1494141201_30_588_38_0_255";dur=1
content-length
3461
tests.9d58efc456f03751102365e373d75df3.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/tests.9d58efc456f03751102365e373d75df3.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-112e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=117478
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018034_389287857_1494141203_115_578_38_0_219";dur=1
content-length
1525
style.8933a3397c7af8ba9899ffaa5718be4c.css
cdn.friends-with-benefits.com/lp/assets/prelanding/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/css/style.8933a3397c7af8ba9899ffaa5718be4c.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
749a20ef4dc934f607705f66f3d848553cbc11f20611a5868ba71564b1ef38dd

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2024 06:47:13 GMT
etag
W/"66a73af1-1cf9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=441519
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402017966_389287857_1494141176_19_802_38_65_255";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1977
close.8c78db28b5a3f198d980d880fa39d3c1.png
cdn.friends-with-benefits.com/lp/assets/common/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/images/close.8c78db28b5a3f198d980d880fa39d3c1.png
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
"6686806e-af1"
geo_city
Elyria
content-type
image/png
cache-control
max-age=1377697
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018034_389287857_1494141205_33_521_38_0_182";dur=1
accept-ranges
bytes
content-length
2801
radar-scanner.78b803a76793d8269b3c25b9e138f987.gif
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/radar-scanner.78b803a76793d8269b3c25b9e138f987.gif
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
"6686806e-1905f"
geo_city
Gardners
content-type
image/gif
cache-control
max-age=2029325
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018034_389287857_1494141204_34_625_38_0_182";dur=1
accept-ranges
bytes
content-length
102495
common.e75f6cb49ca52e4d03896beea90dfe08.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/common.e75f6cb49ca52e4d03896beea90dfe08.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88658d9d68f03918e34f16668bd4cf5430ee9ebb3eb9ead2ced0490d881c1cf2

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2024 19:30:26 GMT
etag
W/"66a2a7d2-518d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=318153
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018080_389287857_1494141827_172_652_38_0_182";dur=1
content-length
5835
prelanding.ca918634e523cd632838925a2e57b422.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		2 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/prelanding.ca918634e523cd632838925a2e57b422.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bd590ce60c4462f9d9c9679d94b9f7b8a4688fd8df9506a4bdac498310c7fe7

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-7b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=115315
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018133_389287857_1494142886_9_673_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
783
quic-version
0x00000001
loader.1e4843b51481a2e2237edb7251524bbb.js
cdn.friends-with-benefits.com/lp/assets/prelanding/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/js/loader.1e4843b51481a2e2237edb7251524bbb.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f43e6c1c9a45e27d1196ec4c2d69ec80d07667cda428b3ec5962fff628df8777

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2024 19:30:44 GMT
etag
W/"66a2a7e4-ca6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=274338
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402018181_389287857_1494143294_9_677_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1124
quic-version
0x00000001
js
www.googletagmanager.com/gtag/ 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d4709c6f124399c785def7db84cc8f15bd9ee6d7a644f5b78073073185d0ed2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91229
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 05:00:19 GMT
zWgrLfqoEMmZB8ERpZ6WZsQAP5iZ8Q69U1PhwVII.webp
lpimg.friends-with-benefits.com/template/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/template/zWgrLfqoEMmZB8ERpZ6WZsQAP5iZ8Q69U1PhwVII.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.229 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16f717b0b79cdb75671b229fbba962b4676e5ce9cf0c61ecccf50635564088f5

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Mon, 31 Oct 2022 08:38:55 GMT
x-amz-request-id
44KSXMCCVWKN00A8
etag
"34e88832a8f11c052bd6cb98f468540b"
content-type
image/webp
cache-control
max-age=7763541
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019688_389287845_3299030557_70_1113_39_0_219";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
128046
x-amz-id-2
ooH7J7k/14uGqQbcPzs/UA2zizfUIQ6tViQB1AU0BC04OAAFQ58I5Gviv/SrlNFd+++AcASv3dk=
GvzcUgLKd02piL208PCzbYv8Ih9UVLiD2hWXv6Af.webp
lpimg.friends-with-benefits.com/template/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/template/GvzcUgLKd02piL208PCzbYv8Ih9UVLiD2hWXv6Af.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.229 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ff512665a0db3d5b9edbfdc6395c7fb812f1458c2ae2e93ddb426dcd2c2675f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Mon, 31 Oct 2022 08:38:55 GMT
x-amz-request-id
9CX5Z161WBGMAJTS
etag
"0f297449fd0de6b7b3f23677185088b3"
content-type
image/webp
cache-control
max-age=6104375
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019741_389287845_3299030559_157_1204_39_53_219";dur=1
accept-ranges
bytes
content-length
77812
x-amz-id-2
AJMtfzzK2hTEEHjbpkrmstNzLItnGZDSz/tSDhn0RZ9y1z9qyNa7rqUIr/NHtdlEKptx19j25YA=
warning.123594de630aba4fb44d23e3c906166a.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		650 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/warning.123594de630aba4fb44d23e3c906166a.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
559a1ddfc2fd25a689d728d9d8b6433d6fe062b1f6af304b2d8b979c93b83d66

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Thu, 04 Jul 2024 11:00:32 GMT
etag
"668680d0-28a"
geo_city
Knoxville
content-type
image/webp
cache-control
max-age=1708898
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019223_389287857_1494157670_10_780_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
650
quic-version
0x00000001
sos.f86431f76723924286832e8461fae35b.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/sos.f86431f76723924286832e8461fae35b.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
383772cf6f8abbac578f4e352709526e0e34ec807550d6bf388d4d7ac12909bd

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Thu, 25 Jul 2024 19:30:24 GMT
etag
"66a2a7d0-71e"
content-type
image/webp
cache-control
max-age=2135088
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019225_389287857_1494157686_10_779_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1822
quic-version
0x00000001
bgprofiles.8134f4273e1a8706fa281f7452d02e0e.webp
cdn.friends-with-benefits.com/lp/assets/prelanding/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/prelanding/images/bgprofiles.8134f4273e1a8706fa281f7452d02e0e.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.53.35.241 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bbffbf7cfdc47dba07b10e697b5a42da8f3aff2824bee2a0c39ea475c4fa63a

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Sat, 29 Jun 2024 20:53:25 GMT
etag
"66807445-7e6e"
geo_city
Rockville
content-type
image/webp
cache-control
max-age=2160119
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019226_389287857_1494157688_11_687_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
32366
quic-version
0x00000001
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends-with-benefits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 07:57:09 GMT
x-content-type-options
nosniff
age
162190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Jul 2025 07:57:09 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=921607&u=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak%2F%3Fs1%3Dccinvfwbsoi_ca_desk%26s2%3D389f8596-ffec-4603-bf4b-34ebca6d80f5%26tracking_id%3Dw6v4rl7519obat333bvnu2ce&vn=2.1&x=true
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
0648b24c426d2ffeaf23bf497598892c25a39e5de97b88a3a4c2250ea105f4b5

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
etag
W/"1722354610_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://friends-with-benefits.com
cache-control
public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
myzbm75krd
www.clarity.ms/tag/ 		1005 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/myzbm75krd
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7b85902f1d8ed0297a789ed601665c2e4cf49732628b172b6041682af12cb2f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date
Wed, 31 Jul 2024 05:00:19 GMT
x-azure-ref
20240731T050019Z-17fd6bb7c96fldcm42ra7zuqc400000008wg000000000us2
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1005
expires
-1
worker-52899c61b5e53153561b1a9d5896bdb9br.js
dev.visualwebsiteoptimizer.com/edrv/ 		258 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/worker-52899c61b5e53153561b1a9d5896bdb9br.js
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
86ecb4fe5002073a76e8efea2918ec678fe8909c9dfe7ca4b9c13319ae22f52a

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 30 Jul 2024 15:49:54 GMT
server
gnv1
etag
"66a90ba2-fa00"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64000
va_gq-54c81854d2f9a2f2b427ecc52cc94853br.js
dev.visualwebsiteoptimizer.com/edrv/ 		266 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-54c81854d2f9a2f2b427ecc52cc94853br.js
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
d11a411866e207acbb0f4ac0a96a9b4013475259e899f3a0877fba431c50259d

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 30 Jul 2024 15:49:55 GMT
server
gnv1
etag
"66a90ba3-113fe"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70654
v.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=921607&d=friends-with-benefits.com&u=DC54A7CECFCDB65DDC831F93898E6CC24&h=6bb8b9f4a3726267f3760e684660aa72&t=false
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel01c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
e74f8cec-ec82-42b5-8cea-d610a02fbc0e
https://friends-with-benefits.com/ 		259 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://friends-with-benefits.com/e74f8cec-ec82-42b5-8cea-d610a02fbc0e
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fcb338710f2d3a7691da54ec17b22ecde48b219598c4ed7ba0714c32eea5e4c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
265304
Content-Type
application/javascript
s.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/s.gif?account_id=921607&u=DC54A7CECFCDB65DDC831F93898E6CC24&s=1722402019&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-ca%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1722402019605%2C%22tO%22%3A7%2C%22tz%22%3A%22America%2FVancouver%22%7D&cu=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak%2F%3Fs1%3Dccinvfwbsoi_ca_desk%26s2%3D389f8596-ffec-4603-bf4b-34ebca6d80f5%26tracking_id%3Dw6v4rl7519obat333bvnu2ce&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1722402019617&v=5e3fdb8c0
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 05:00:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel01c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myzbm75krd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
br
last-modified
Fri, 26 Jul 2024 23:49:00 GMT
etag
W/"0x8DCADCD85F8E42A"
vary
Accept-Encoding
x-azure-ref
20240731T050019Z-17fd6bb7c96fldcm42ra7zuqc400000008wg000000000us5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8f3f2af4-601e-0050-7a2c-e0ec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=921607&settings_type=1&vn=&eventArch=1&uuid=&ec=1187749&exc=3|6
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
75a1a2fb8a8a6b3c3ebeca49558a1494995307edb0a47a23761c699579c8cc95

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
etag
W/"1722354610_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
n.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Wed, 31 Jul 2024 05:00:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
friends-with-benefits.com/gtm-server/g/ 		65 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/gtm-server/g/collect?v=2&tid=G-EN5YHWKKJL&gtm=45je47t0v9115575705z879004183za200zb79004183&_p=1722402017736&gcs=G100&gcd=13p3p3p3p7&npa=1&dma_cps=-&dma=0&tag_exp=95250752&gtm_up=1&cid=2118748533.1722402020&ecid=1734228184&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-ON&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=709928038.1722402020&sst.etld=google.ca&sst.gcd=13p3p3p3p7&sst.adr=1&sst.tft=1722402017736&sst.ude=0&_s=1&sid=1722402019&sct=1&seg=0&dl=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fpre-jar-int-nak%2F%3Fs1%3Dccinvfwbsoi_ca_desk%26s2%3D389f8596-ffec-4603-bf4b-34ebca6d80f5%26tracking_id%3Dw6v4rl7519obat333bvnu2ce&dt=Friends-with-benefits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.ga4_id=G-EN5YHWKKJL&ep.s1=ccinvfwbsoi_ca_desk&tfd=3008&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.114.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-114-6.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/lp/pre-jar-int-nak/?s1=ccinvfwbsoi_ca_desk&s2=389f8596-ffec-4603-bf4b-34ebca6d80f5&tracking_id=w6v4rl7519obat333bvnu2ce
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nc-b58cb36ac55f5ddb99f2b88655aa4bd7br.js
dev.visualwebsiteoptimizer.com/edrv/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-b58cb36ac55f5ddb99f2b88655aa4bd7br.js
Requested by
Host: www.totallylink.com
URL: https://www.totallylink.com/26dd6d97-a271-4c6f-b1e1-285f577a3cfc/2?source=11&subid=cf-30&email=didier_vnf55@hotmail.fr&cid=f72batlbgqdi4a99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
9d999b82020b77734225db28165cb573f4479110e2bb59bac1ee2aeef6a06336

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 30 Jul 2024 15:49:55 GMT
server
gnv1
etag
"66a90ba3-cb8"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3256
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&RedC=c.clarity.ms&MXFR=115FAEF27B89614B18BABA3F7F896FEA
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&MUID=2410E7AED74466B51F1EF363D6EE6760
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&MUID=2410E7AED74466B51F1EF363D6EE6760
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 05:00:21 GMT
last-modified
Tue, 25 Jun 2024 19:54:30 GMT
server
Microsoft-IIS/10.0
etag
"df9747e39c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2024 05:00:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EFA9BE9CCC56494BA261B9C7FD745DDE Ref B: YTO01EDGE0509 Ref C: 2024-07-31T05:00:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8782742239D9456BAA274DB5FC0382A8&MUID=2410E7AED74466B51F1EF363D6EE6760
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
lpimg.friends-with-benefits.com/domain/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lpimg.friends-with-benefits.com/domain/RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.35.229 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-35-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 05:00:19 GMT
last-modified
Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id
25EX8QXP4JPZZJZC
etag
"e45933ca76ee03645f55c6de6410bdca"
content-type
image/webp
cache-control
max-age=6339843
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722402019921_389287845_3299033041_40_738_38_0_219";dur=1
accept-ranges
bytes
content-length
3306
x-amz-id-2
eAJRe+sPAMDmw4IwKOyIQW6PWPxWIYXPpJ2o/M8gq7ckuZO04rmL6ZcfI65qKOxTVdFBGC0WdsQ=
collect
n.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Wed, 31 Jul 2024 05:00:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| detectAdBlock function| showAdblockPopupIfDetected function| loadScript function| scriptLoadError function| mainScriptLoadError function| sleep function| getHostnameWithProtocol object| google_tag_manager object| google_tag_data function| $ function| jQuery function| _0x8312 function| _0x5b66 object| TESTS string| domain object| oauth_providers string| oauth_url string| finish_text object| email_autofill_domains string| homepage_uri boolean| show_cookie_box number| latitude number| longitude string| locale object| isTest string| redirectTo function| _0x1500 function| _0x38f881 function| _0x1b7b object| Cookie object| CookieBox object| Placeholder function| _0x1c26 function| _0xb7b6f7 function| _0x2067 function| addRedirectionEventToSubmitButtons function| _0x30b6 function| _0x3d20 object| code object| _vwo_code number| _vwo_settings_timer function| clarity object| _VWO string| _vwo_mt string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue object| VWOOmni string| _vwo_cdn_url number| _vwo_library_timer object| mainThread function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s object| _vwo_exp string| _vwo_uuid function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa object| gaGlobal boolean| vwo_libExecuted

22 Cookies

Domain/Path Name / Value
cdn.cust247.com/ Name: uclick
Value: tlbgqdi4
cdn.cust247.com/ Name: uclickhash
Value: tlbgqdi4-tlbgqdi4-gh0-0-qqi4-9r2t-9ra9-27f2a1
.www.totallylink.com/ Name: 26dd6d97-a271-4c6f-b1e1-285f577a3cfc-v4
Value: 8hRr7kSU4mNIUoEnhQj5O4nRscGizHOAfP26s4chKU4
.www.totallylink.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22w6v4rl7519obat333bvnu2ce%22%2C%22caid%22%3A%2226dd6d97-a271-4c6f-b1e1-285f577a3cfc%22%7D
.friends-with-benefits.com/ Name: _vwo_uuid_v2
Value: DC54A7CECFCDB65DDC831F93898E6CC24|6bb8b9f4a3726267f3760e684660aa72
www.clarity.ms/ Name: CLID
Value: 59ccb460af2643c3b7a1e52e680e5b18.20240731.20250731
.friends-with-benefits.com/ Name: _vwo_uuid
Value: DC54A7CECFCDB65DDC831F93898E6CC24
.friends-with-benefits.com/ Name: _vwo_ds
Value: 3%241722402019%3A70.76341391%3A%3A
.friends-with-benefits.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.friends-with-benefits.com/ Name: _vis_opt_s
Value: 1%7C
.friends-with-benefits.com/ Name: _vis_opt_test_cookie
Value: 1
.friends-with-benefits.com/ Name: _clck
Value: 8qv14a%7C2%7Cfnx%7C0%7C1673
friends-with-benefits.com/ Name: AWSALB
Value: O6Pv5JdT87BjooiFz7c5kto56/YPYKSCs9IgYNNfz5OHoTPiqTrH9psesbOlafWnmdO5I6yy4DATalNQmPJDAh6X7cyI+2BV1Yg93i+pCe3+Dt+W18tP1APl7UEtXz2XTnEtpx5LllbRuqbne9nhwLBgrIHea/A78sVW/TZ9HsuWgENiIRmFdqNNRYJXoQ==
friends-with-benefits.com/ Name: AWSALBCORS
Value: O6Pv5JdT87BjooiFz7c5kto56/YPYKSCs9IgYNNfz5OHoTPiqTrH9psesbOlafWnmdO5I6yy4DATalNQmPJDAh6X7cyI+2BV1Yg93i+pCe3+Dt+W18tP1APl7UEtXz2XTnEtpx5LllbRuqbne9nhwLBgrIHea/A78sVW/TZ9HsuWgENiIRmFdqNNRYJXoQ==
.friends-with-benefits.com/ Name: _clsk
Value: 1aogdxv%7C1722402020397%7C1%7C1%7Cn.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 2410E7AED74466B51F1EF363D6EE6760
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2410E7AED74466B51F1EF363D6EE6760
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2410E7AED74466B51F1EF363D6EE6760
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.cust247.com
cdn.friends-with-benefits.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
friends-with-benefits.com
lpimg.friends-with-benefits.com
n.clarity.ms
www.clarity.ms
www.googletagmanager.com
www.realinternetspeed.com
www.totallylink.com
13.107.21.237
13.107.246.40
142.250.31.97
142.251.16.94
172.175.234.12
172.253.63.95
172.67.147.39
18.159.114.6
20.110.205.119
23.53.35.229
23.53.35.241
3.162.103.126
34.96.102.137
99.84.191.40
0648b24c426d2ffeaf23bf497598892c25a39e5de97b88a3a4c2250ea105f4b5
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
16f717b0b79cdb75671b229fbba962b4676e5ce9cf0c61ecccf50635564088f5
1fcb338710f2d3a7691da54ec17b22ecde48b219598c4ed7ba0714c32eea5e4c
383772cf6f8abbac578f4e352709526e0e34ec807550d6bf388d4d7ac12909bd
3bbffbf7cfdc47dba07b10e697b5a42da8f3aff2824bee2a0c39ea475c4fa63a
559a1ddfc2fd25a689d728d9d8b6433d6fe062b1f6af304b2d8b979c93b83d66
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6ff512665a0db3d5b9edbfdc6395c7fb812f1458c2ae2e93ddb426dcd2c2675f
749a20ef4dc934f607705f66f3d848553cbc11f20611a5868ba71564b1ef38dd
75a1a2fb8a8a6b3c3ebeca49558a1494995307edb0a47a23761c699579c8cc95
7cc445fe3d7bacb1f74bce1dd12df8b711a40dcfdd467e5e9796fb86885f54ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
86ecb4fe5002073a76e8efea2918ec678fe8909c9dfe7ca4b9c13319ae22f52a
88658d9d68f03918e34f16668bd4cf5430ee9ebb3eb9ead2ced0490d881c1cf2
8bd590ce60c4462f9d9c9679d94b9f7b8a4688fd8df9506a4bdac498310c7fe7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d999b82020b77734225db28165cb573f4479110e2bb59bac1ee2aeef6a06336
b7b85902f1d8ed0297a789ed601665c2e4cf49732628b172b6041682af12cb2f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317
cfadaecd26078c1ba9501c9014a450f951818712ff8052e92d0f41e98cc0a2d3
d11a411866e207acbb0f4ac0a96a9b4013475259e899f3a0877fba431c50259d
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048
d4709c6f124399c785def7db84cc8f15bd9ee6d7a644f5b78073073185d0ed2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2
f43e6c1c9a45e27d1196ec4c2d69ec80d07667cda428b3ec5962fff628df8777
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64
f86ae9f0993d1befcbaa559c9830a1bb686d5d751bd95c019e04ce398bebc0e9