urlscan.io logo urlscan.io
SecurityTrails logo

friends-with-benefits.com Open in urlscan Pro
3.121.161.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aer5v.blogspot.com/
Effective URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8...
Submission: On July 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 42 HTTP transactions. The main IP is 3.121.161.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is friends-with-benefits.com. The Cisco Umbrella rank of the primary domain is 743681.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 29th 2023. Valid for: a year.
This is the only time friends-with-benefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 162.255.119.48 22612 (NAMECHEAP...)
1 1 52.21.124.51 14618 (AMAZON-AES)
1 18.197.191.217 16509 (AMAZON-02)
2 3.121.161.178 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
9 2600:141b:f00... 20940 (AKAMAI-ASN1)
2 2600:141b:b00... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 172.67.139.119 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
7 34.96.102.137 396982 (GOOGLE-CL...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 23.202.61.116 20940 (AKAMAI-ASN1)
3 20.231.53.73 8075 (MICROSOFT...)
42 18
1    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
aer5v.blogspot.com
1    2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:821::2009 (United States)

ASN15169 (GOOGLE, US)
resources.blogblog.com
www.blogger.com
1    162.255.119.48 (United States)

ASN22612 (NAMECHEAP-NET, US)
candymtch.site
1    52.21.124.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-124-51.compute-1.amazonaws.com
trk.securedconfirm.com
1    18.197.191.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-191-217.eu-central-1.compute.amazonaws.com
my.link23456.com
2    3.121.161.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-161-178.eu-central-1.compute.amazonaws.com
friends-with-benefits.com
2    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2600:141b:f000:3::17c8:4 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.friends-with-benefits.com
2    2600:141b:b000::1737:ebc8 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
lpimg.friends-with-benefits.com
1    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    23.202.61.116 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-202-61-116.deploy.static.akamaitechnologies.com
lpimg.friends-with-benefits.com
3    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
Apex Domain
Subdomains		 Transfer
14 friends-with-benefits.com
friends-with-benefits.com — Cisco Umbrella Rank: 743681
cdn.friends-with-benefits.com
lpimg.friends-with-benefits.com
118 KB
7 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
144 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
q.clarity.ms — Cisco Umbrella Rank: 8520
29 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
ka-f.fontawesome.com — Cisco Umbrella Rank: 7493
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
184 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
37 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
774 B
1 link23456.com
my.link23456.com
27 KB
1 securedconfirm.com
trk.securedconfirm.com
2 KB
1 candymtch.site
candymtch.site
278 B
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9911
51 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 24546
46 KB
1 blogspot.com
aer5v.blogspot.com
14 KB
42 14
Domain Requested by
9 cdn.friends-with-benefits.com friends-with-benefits.com
7 dev.visualwebsiteoptimizer.com aer5v.blogspot.com
friends-with-benefits.com
3 q.clarity.ms www.clarity.ms
3 ka-f.fontawesome.com kit.fontawesome.com
3 lpimg.friends-with-benefits.com friends-with-benefits.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms aer5v.blogspot.com
www.clarity.ms
2 www.googletagmanager.com friends-with-benefits.com
www.googletagmanager.com
2 fonts.googleapis.com friends-with-benefits.com
2 friends-with-benefits.com my.link23456.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 kit.fontawesome.com friends-with-benefits.com
1 my.link23456.com aer5v.blogspot.com
1 trk.securedconfirm.com 1 redirects
1 candymtch.site 1 redirects
1 www.blogger.com aer5v.blogspot.com
1 resources.blogblog.com aer5v.blogspot.com
1 www.gstatic.com aer5v.blogspot.com
1 aer5v.blogspot.com
42 20

This site contains links to these domains. Also see Links.

Domain
policies.google.com
privacy.microsoft.com
help.twitter.com
stripcash.com
www.awempire.com
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.blogger.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ph.guardlnkcaptcha.com
Amazon RSA 2048 M02		 2024-02-14 -
2025-03-15		 a year crt.sh
friends-with-benefits.com
Amazon RSA 2048 M02		 2023-11-29 -
2024-12-27		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cdn.friends-with-benefits.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
lpimg.friends-with-benefits.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ka-f.fontawesome.com
WE1		 2024-07-01 -
2024-09-29		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Frame ID: FE6FA6BE71B439D6A1DFB2A728308654
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Friends-with-benefits

Page URL History Show full URLs

  1. https://aer5v.blogspot.com/ Page URL
  2. http://candymtch.site/ HTTP 307
    https://candymtch.site/ HTTP 307
    http://candymtch.site/ HTTP 302
    https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
    https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_ Page URL
  3. https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

95 %
HTTPS

55 %
IPv6

14
Domains

20
Subdomains

18
IPs

2
Countries

675 kB
Transfer

2185 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aer5v.blogspot.com/ Page URL
  2. http://candymtch.site/ HTTP 307
    https://candymtch.site/ HTTP 307
    http://candymtch.site/ HTTP 302
    https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
    https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_ Page URL
  3. https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://candymtch.site/ HTTP 307
  • https://candymtch.site/ HTTP 307
  • http://candymtch.site/ HTTP 302
  • https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760 HTTP 302
  • https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_
Request Chain 31
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&RedC=c.clarity.ms&MXFR=302EB3354E5A67503AFCA7F64A5A693A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&MUID=117F057EDE7C62FB3C0811BDDF8763B9

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
aer5v.blogspot.com/ 		69 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
14348
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 11:23:27 GMT
etag
W/"1e92d6fd6208087a88513654418816d0b1d950489c05914684114b653e00ce8f"
expires
Sun, 21 Jul 2024 11:23:27 GMT
last-modified
Tue, 20 Feb 2024 06:06:01 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aer5v.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3475
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 21 Jul 2024 11:23:28 GMT
4194078042-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/4194078042-indie_compiled.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aer5v.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 11:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46778
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 22:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 24 Jul 2024 11:03:20 GMT
4118640461-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/4118640461-widgets.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aer5v.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 01:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51331
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 02:55:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 17 Jul 2025 01:22:56 GMT
click
my.link23456.com/
Redirect Chain
  • http://candymtch.site/
  • https://candymtch.site/
  • http://candymtch.site/
  • https://trk.securedconfirm.com/aff_c?offer_id=9135&aff_id=8760
  • https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_
26 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.191.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-191-217.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash

Request headers

Referer
https://aer5v.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 11:23:33 GMT
server
nginx/1.24.0

Redirect headers

Accept-CH
Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 21 Jul 2024 11:23:32 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102645271803029e2f74b262e2bdcd
X-Request-Id
4d89a395ac54af1ba74b743d49a06202
Primary Request /
friends-with-benefits.com/lp/int-nak-btn/ 		67 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Requested by
Host: my.link23456.com
URL: https://my.link23456.com/click?o=3720&a=1508&sub_id1=102645271803029e2f74b262e2bdcd&sub_id3=DLO-8760_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.161.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-161-178.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69508117f692171e54b07a39c64621cd955d2b9ced0205c12ee01092c4092991

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 11:23:33 GMT
geo_city
El Segundo
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald|Raleway
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 11:16:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 11:23:34 GMT
css
fonts.googleapis.com/ 		18 KB
922 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 11:23:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 11:23:34 GMT
styles.074781273e726c700a9f359458196e04.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/css/styles.074781273e726c700a9f359458196e04.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:31 GMT
etag
W/"668680cf-3c97"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=182215
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014595_388869124_2606034665_22_789_132_0_255";dur=1
content-length
3461
tests.9d58efc456f03751102365e373d75df3.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/tests.9d58efc456f03751102365e373d75df3.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-112e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=345873
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014595_388869124_2606034667_29_819_132_0_219";dur=1
content-length
1525
normalize.5ba84126003571ea3236be78004763a2.css
cdn.friends-with-benefits.com/lp/assets/common/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/css/normalize.5ba84126003571ea3236be78004763a2.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02f43997f9636af74fc2387245054f2e934ae4b62c5389833fb5b6cf2eeba6f5

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:31 GMT
etag
W/"668680cf-180b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=368492
server-timing
cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1721561014454_388869124_2606034664_2636_788_132_136_255";dur=1
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1754
style.9857f23e220ae821032ac418210d0f04.css
cdn.friends-with-benefits.com/lp/assets/buttons/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/buttons/css/style.9857f23e220ae821032ac418210d0f04.css
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c9db2cc35e47bf8dd3945662608d104ca8d0a7a5d53129bdd48aa58f3e0e0d0f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
W/"6686806e-1e9d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=520068
server-timing
cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1721561014595_388869124_2606034666_1075_782_132_0_255";dur=1
content-length
1918
close.8c78db28b5a3f198d980d880fa39d3c1.png
cdn.friends-with-benefits.com/lp/assets/common/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/images/close.8c78db28b5a3f198d980d880fa39d3c1.png
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
last-modified
Thu, 04 Jul 2024 11:00:31 GMT
etag
"668680cf-af1"
geo_city
Chandler
content-type
image/png
cache-control
max-age=1281067
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014595_388869124_2606034668_28_699_132_0_182";dur=1
accept-ranges
bytes
content-length
2801
88IotQniKSbX4HOZoDy3yahEzRFypVk89XFakynP.webp
lpimg.friends-with-benefits.com/domain/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/domain/88IotQniKSbX4HOZoDy3yahEzRFypVk89XFakynP.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1737:ebc8 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
81e6e6f544a2db83e611873b2b77745a20cb021929bbe2d6808ec08dfa6f16ce

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
last-modified
Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id
1R1ZJ7A399V6H7SF
etag
"7ffb7980ecb4a41cfa9639c8466e9aef"
content-type
image/webp
cache-control
max-age=6143001
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014451_389540804_1745980207_43_765_132_148_182";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
4840
x-amz-id-2
Qs6tAhp6/zxPJBSgUF1Lyaz86rXgIBRhMoyZbFbEPR9L8OcYvm+BFjGsUiKrB9wR6BxIKV6nuc4=
common.e75f6cb49ca52e4d03896beea90dfe08.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/common.e75f6cb49ca52e4d03896beea90dfe08.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
539b06bdc9c549a88fec7674b8b03e264f829756d6f76ef3b441d410d4b0816a

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-5130"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=215488
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014735_388869124_2606034743_18_872_134_0_182";dur=1
content-length
5803
landing.e5b8664288da17b85dbbbece140918e1.js
cdn.friends-with-benefits.com/lp/assets/common/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/common/js/landing.e5b8664288da17b85dbbbece140918e1.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
de1195828ec1d23d3453b10d87a96cd954390b779e5fbf5238a6f9ab65d683a0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 11:00:34 GMT
etag
W/"668680d2-9268"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=116047
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1721561014738_388869124_2606034744_495_672_133_0_182";dur=1
content-length
10108
974a8748c4.js
kit.fontawesome.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/974a8748c4.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a859243e16f4b34b1b9a8fd6195e5f28f4ea6381d82d8c9e31468f4a1eaab9cb

Request headers

Referer
https://friends-with-benefits.com/
Origin
https://friends-with-benefits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8a6ad1d6ddb1100b-LAX
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-K8_JFGlLHD1OYASnbB
script.205b43770a3985e1ff9387dbfa681845.js
cdn.friends-with-benefits.com/lp/assets/buttons/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.friends-with-benefits.com/lp/assets/buttons/js/script.205b43770a3985e1ff9387dbfa681845.js
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cc95456945cebcd27216c692dafb23e15a9206461b691f40798a94c7369768c

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Jul 2024 10:58:56 GMT
etag
W/"66868070-2b82"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=183886
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1721561014739_388869124_2606034745_682_659_133_0_182";dur=1
content-length
2873
gtm.js
www.googletagmanager.com/ 		274 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0322f62d67fb4da2b8d6e821bc8c8a321aeec1f8c6f28abd43b377f829f613e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96907
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jul 2024 11:23:35 GMT
e5EDaHIMh4sw8te5crdghlEd2kYmg5VYmnb2jsQ4.webp
lpimg.friends-with-benefits.com/template/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpimg.friends-with-benefits.com/template/e5EDaHIMh4sw8te5crdghlEd2kYmg5VYmnb2jsQ4.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1737:ebc8 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1c9b96ac1e10e64f9a3b319298da97293681977c737ebe4cebfd5eb8507b855

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
last-modified
Wed, 26 Oct 2022 09:07:32 GMT
x-amz-request-id
QBW2E24SBWB856TV
etag
"2078eac294445c7b8c09a52b2053f47b"
x-amz-server-side-encryption
AES256
content-type
image/webp
cache-control
max-age=5883413
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1721561014766_389540804_1745980512_593_723_132_0_146";dur=1
accept-ranges
bytes
content-length
64072
x-amz-id-2
WHH+bL6d+RwUQwmA2MwpxG+zzoZxRWPS7FYg0sqSHzWqCaUEtOkPm5e8A7++0ekQD2GoZCbVgNsaxZ5BX4SFtQ==
background.fd3a8456cceb346c0891c03198a60c38.webp
cdn.friends-with-benefits.com/lp/assets/buttons/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.friends-with-benefits.com/lp/assets/buttons/images/background.fd3a8456cceb346c0891c03198a60c38.webp
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3::17c8:4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b61e7fe807b13187a9ada0e9547662d4909a895e64fb46dd7c059a91a4afc6a5

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
last-modified
Thu, 04 Jul 2024 10:58:54 GMT
etag
"6686806e-730"
geo_city
Halifax
content-type
image/webp
cache-control
max-age=1638885
server-timing
cdn-cache; desc=HIT, edge; dur=34, origin; dur=0, ak_p; desc="1721561014767_388869124_2606034766_3357_950_133_0_219";dur=1
accept-ranges
bytes
content-length
1840
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,400i,500,500i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends-with-benefits.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 08:45:25 GMT
x-content-type-options
nosniff
age
355090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 08:45:25 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=974a8748c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
gzip
via
1.1 81316ca7254949464a40e31d08fd91bc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-P4
age
10782433
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzGJjWW0rU3D%2Bk4D%2FbslnbY8EWHAirf8j8bj%2F%2FEw2FBliP7Zk54FHt1ZTBIaEx3EgSKk4JMc72%2FkfJcXBwnOmYEI1jwVw5ovj51TrWC2ROgKgT8GenFpYV%2Bq%2B4khrQPkwjKUmuN2Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a6ad1d85abf102c-LAX
access-control-allow-headers
fa-kit-token
x-amz-cf-id
3xSkyUstldEroghvzTsoYoAmU8OLNmi9-GjzX3t_JUOh4wTjaqtzUw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=974a8748c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
gzip
via
1.1 2ec67fd94557d4806c5b473c972cb654.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-P4
age
10767436
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5FrrpXhOK7eIalpETCrxemx9%2FmQIyfcmP0%2Bqx4mx%2BXdpcjAfUdLLQJzGGj3noFPknYkwisDDdP350aTiq14Pdxtm1JOd1Vpf5izqReJkzPOmNObNZs6FDNRlN%2B10mNcaqPuWn5w4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a6ad1d85ac2102c-LAX
access-control-allow-headers
fa-kit-token
x-amz-cf-id
X_2KKml3NEpP4riCcr0l_L8U1Lar8oGAGRiCz6oaHh0xuLGzAIfwAg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=974a8748c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/974a8748c4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
gzip
via
1.1 de28d65bfe168f9fd89c7a7ed3628bfa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-P4
age
10292451
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZsvQ8rM4JTIOiy%2B4dkyi2XqHZpM8X9EPFFHlnyG65HdW%2B4k24SOCPZ8v6Qwt8L7aZjeTFiTeM7hz7dzrlcT0PTD2PuBBJcakyMZqa1wpAwnuT6yWKnZMX%2F0CH5SYRL6PDHVBAl9Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a6ad1d85ac5102c-LAX
access-control-allow-headers
fa-kit-token
x-amz-cf-id
FQ052DmB47NxqO6MgHyn2Y59-IgUVDEr4WaT8t0hmwMkPz_ZaWBbog==
js
www.googletagmanager.com/gtag/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJSH9M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
180a448505dbc2b11f824a54b817750393cc5898a54e6d7eb9eddac137aa0dd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90945
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 11:23:35 GMT
myzbm75krd
www.clarity.ms/tag/ 		1005 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/myzbm75krd
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a6c224ac6862d46fa0c97441760f6213c044c0b09cae0a41305df821fe1e6d7

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Sun, 21 Jul 2024 11:23:35 GMT
x-azure-ref
20240721T112335Z-17f5ddf5675l4ggh2edmdx1xsc0000000fwg000000005vmn
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1005
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
j.php
dev.visualwebsiteoptimizer.com/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=921607&u=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3De663482729310033210fe8a20861ef74&vn=2.1&x=true
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gla2 /
Resource Hash
6fdacd4522be0625b01322579e5bc7d2ac24a748bb905999d75742ce97aaba31

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
content-encoding
gzip
via
1.1 google
server
gla2
etag
W/"1721490021_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://friends-with-benefits.com
cache-control
public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
worker-7dd77bacd9f634c3a457558f6e7a9664br.js
dev.visualwebsiteoptimizer.com/edrv/ 		258 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/worker-7dd77bacd9f634c3a457558f6e7a9664br.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gla2 /
Resource Hash
995a30c618b3b3a3a379460039d9c949556eeaf26c470baeb39fcdd3d12923db

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
br
via
1.1 google
last-modified
Sat, 20 Jul 2024 15:39:53 GMT
server
gla2
etag
"669bda49-fa7b"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64123
va_gq-44f2640fa93a9e159daaad5254e9d9c2br.js
dev.visualwebsiteoptimizer.com/edrv/ 		265 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-44f2640fa93a9e159daaad5254e9d9c2br.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gla2 /
Resource Hash
67bb2be6fdd9cf5ab7213b0611e0a9a59a2239509d3a61a2137ce51ac1df763b

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
br
via
1.1 google
last-modified
Sat, 20 Jul 2024 15:39:53 GMT
server
gla2
etag
"669bda49-11202"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70146
v.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=921607&d=friends-with-benefits.com&u=D1EEE63AF228C836880F67B37E995675D&h=47e0b016339292de3a45db8ca43df0e3&t=false
Requested by
Host: friends-with-benefits.com
URL: https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel2c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:34 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel2c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myzbm75krd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240721T112335Z-17f5ddf5675l4ggh2edmdx1xsc0000000fwg000000005vn5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
f96a8543-701e-0001-2b40-d87107000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&RedC=c.clarity.ms&MXFR=302EB3354E5A67503AFCA7F64A5A693A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&MUID=117F057EDE7C62FB3C0811BDDF8763B9
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&MUID=117F057EDE7C62FB3C0811BDDF8763B9
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 11:23:36 GMT
last-modified
Tue, 25 Jun 2024 19:54:30 GMT
server
Microsoft-IIS/10.0
etag
"df9747e39c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 11:23:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F41A9D531E4F45718DAC900F53D699F7 Ref B: LAXEDGE1613 Ref C: 2024-07-21T11:23:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=681D7CE994FD443684BA257375D8C761&MUID=117F057EDE7C62FB3C0811BDDF8763B9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
lpimg.friends-with-benefits.com/domain/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lpimg.friends-with-benefits.com/domain/RigKaMrHtxwKlB7SdbMsS1bttfrEqeOVlCx3hXy2.webp
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.202.61.116 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-202-61-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:36 GMT
last-modified
Thu, 10 Nov 2022 06:42:48 GMT
x-amz-request-id
VSM4R5X8KTTG8HQ5
etag
"e45933ca76ee03645f55c6de6410bdca"
content-type
image/webp
cache-control
max-age=2666258
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721561014925_389452660_659203510_9_702_-_-_-";dur=1
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
3306
x-amz-id-2
P3O5HmujK7nBF4V4ZUty3sRBYm/qLEXXmgXzTzIqe9kQL8OERHykU3ZzGQ+qYj980ZnDGDorMjE=
quic-version
0x00000001
nc-a9dbfbedffc9ab437cee43af0b53c5babr.js
dev.visualwebsiteoptimizer.com/edrv/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-a9dbfbedffc9ab437cee43af0b53c5babr.js
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gla2 /
Resource Hash
f2b19452ba4fc065cbed1167581ad6c5bc3b2829befe782a46457ce5ca069f74

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:36 GMT
content-encoding
br
via
1.1 google
last-modified
Sat, 20 Jul 2024 15:39:53 GMT
server
gla2
etag
"669bda49-cc3"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3267
s.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/s.gif?account_id=921607&u=D1EEE63AF228C836880F67B37E995675D&s=1721561014&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1721561016382%2C%22tO%22%3A10%2C%22tz%22%3A%22Pacific%2FHonolulu%22%7D&cu=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3De663482729310033210fe8a20861ef74&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1721561014397&v=d06c05a4b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel2c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 11:23:35 GMT
via
1.1 google
x-content-type-options
nosniff
server
gbel2c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
d523efaf-483a-433a-8e89-dd9553a69492
https://friends-with-benefits.com/ 		259 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://friends-with-benefits.com/d523efaf-483a-433a-8e89-dd9553a69492
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adebd64125eeb6a1fcc93b747a69c661f20135919dbc3e9a3574cff2641406a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
265273
Content-Type
application/javascript
collect
q.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Sun, 21 Jul 2024 11:23:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
friends-with-benefits.com/gtm-server/g/ 		65 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://friends-with-benefits.com/gtm-server/g/collect?v=2&tid=G-EN5YHWKKJL&gtm=45je47h0v9115575705z879004183za200zb79004183&_p=1721561014235&gcs=G100&gcd=13p3p3p3p7&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=742278780.1721561016&ecid=1532462632&ul=en-us&sr=1600x1200&_fplc=0&ur=US-CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&sst.rnd=997277848.1721561016&sst.gcd=13p3p3p3p7&sst.adr=1&sst.tft=1721561014235&sst.ude=0&_s=1&sid=1721561015&sct=1&seg=0&dl=https%3A%2F%2Ffriends-with-benefits.com%2Flp%2Fint-nak-btn%2F%3Fadd%3DBckBtn%26s1%3Dtremfwb_us%26s2%3D1508%26s3%3DDLO-8760_%26tracking_id%3De663482729310033210fe8a20861ef74&dt=Friends-with-benefits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.ga4_id=G-EN5YHWKKJL&tfd=3121&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN5YHWKKJL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.161.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-161-178.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends-with-benefits.com/lp/int-nak-btn/?add=BckBtn&s1=tremfwb_us&s2=1508&s3=DLO-8760_&tracking_id=e663482729310033210fe8a20861ef74
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=921607&settings_type=1&vn=&eventArch=1&uuid=&ec=1187749&exc=3|6
Requested by
Host: aer5v.blogspot.com
URL: https://aer5v.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gla2 /
Resource Hash
41fcbaa3bab253991f669647e28c1edd5c533b1b3679ef8a82af5244dac4249f

Request headers

Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 11:23:35 GMT
content-encoding
gzip
via
1.1 google
server
gla2
etag
W/"1721490021_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
q.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Sun, 21 Jul 2024 11:23:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
q.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://friends-with-benefits.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends-with-benefits.com
Date
Sun, 21 Jul 2024 11:23:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| detectAdBlock function| showAdblockPopupIfDetected function| loadScript function| scriptLoadError function| mainScriptLoadError function| sleep function| getHostnameWithProtocol function| _0x8312 function| _0x5b66 object| TESTS string| domain object| oauth_providers string| oauth_url string| finish_text object| email_autofill_domains string| homepage_uri boolean| show_cookie_box number| latitude number| longitude string| locale object| isTest function| _0x4c06 function| _0x2e1e7d function| _0x1d28 object| Cookie object| CookieBox object| Placeholder function| _0x5e262d function| _0x19ea function| _0x12ec object| DOM object| REGISTRATION object| ERROR function| sendGTMEvent function| setCookie function| autocomplete object| FontAwesomeKitConfig function| _0x2717 function| _0x1dd0 function| next function| back function| nextStep function| backStepButton function| showothers function| registerWith object| google_tag_manager object| google_tag_data function| clarity object| code object| _vwo_code number| _vwo_settings_timer object| _VWO string| _vwo_mt string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue object| VWOOmni string| _vwo_cdn_url number| _vwo_library_timer string| _vis_opt_lib object| mainThread function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s object| _vwo_exp string| _vwo_uuid object| gaGlobal function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa boolean| vwo_libExecuted

22 Cookies

Domain/Path Name / Value
trk.securedconfirm.com/ Name: enc_aff_session_9226
Value: ENC03077f13eb08d155484af8e8d35741b8f457c1693e8584f157ca90fe632f5b8a68eddd337e1a3784edfea571f749e4770eb0e3a30908bbf9dabdbcbe9015d0cf7437a8be2783685bc8cf1530f919c269038a37264f5872ccc745a8605e1c7369064f56138664f8166f6fdc32fba14d9959b6fec45286e9ce8ad0535abaa4f35a3809ee4538
trk.securedconfirm.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
my.link23456.com/ Name: U-532b81fa223a1b1ec74139a5b8151d12
Value: unique
my.link23456.com/ Name: o_532b81fa223a1b1ec74139a5b8151d12
Value: abfb7dea-f94e-48e0-90a4-925de43694d7
.friends-with-benefits.com/ Name: _vwo_uuid_v2
Value: D1EEE63AF228C836880F67B37E995675D|47e0b016339292de3a45db8ca43df0e3
www.clarity.ms/ Name: CLID
Value: 06dcdec2ed294f81a5c5a6242417bda9.20240721.20250721
.friends-with-benefits.com/ Name: _clck
Value: ofwpoa%7C2%7Cfnn%7C0%7C1663
.friends-with-benefits.com/ Name: _vwo_uuid
Value: D1EEE63AF228C836880F67B37E995675D
.friends-with-benefits.com/ Name: _vwo_ds
Value: 3%241721561014%3A77.56970036%3A%3A
.friends-with-benefits.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.friends-with-benefits.com/ Name: _vis_opt_s
Value: 1%7C
.friends-with-benefits.com/ Name: _vis_opt_test_cookie
Value: 1
.bing.com/ Name: MUID
Value: 117F057EDE7C62FB3C0811BDDF8763B9
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 117F057EDE7C62FB3C0811BDDF8763B9
.friends-with-benefits.com/ Name: _clsk
Value: 7tkbax%7C1721561017105%7C1%7C1%7Cq.clarity.ms%2Fcollect
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 117F057EDE7C62FB3C0811BDDF8763B9
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
friends-with-benefits.com/ Name: AWSALB
Value: mp/qQpPydXfVsxcOkCpvTChinDT6v9l62CcKJy/QVMEwUGXcUQoZDnluhsJHu2onNChoy2/AEwDqEfcns64hp9niOr3npj0dvhgDXUpCpnycuLILQ2d4oh5809bVU8K2+YxvmdSBWeDRvLtb5cPuQ5LEuhTJlmRyCDKaGiVCCJ+wdNUwcek7keXiH7c/Rg==
friends-with-benefits.com/ Name: AWSALBCORS
Value: mp/qQpPydXfVsxcOkCpvTChinDT6v9l62CcKJy/QVMEwUGXcUQoZDnluhsJHu2onNChoy2/AEwDqEfcns64hp9niOr3npj0dvhgDXUpCpnycuLILQ2d4oh5809bVU8K2+YxvmdSBWeDRvLtb5cPuQ5LEuhTJlmRyCDKaGiVCCJ+wdNUwcek7keXiH7c/Rg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aer5v.blogspot.com
c.bing.com
c.clarity.ms
candymtch.site
cdn.friends-with-benefits.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
friends-with-benefits.com
ka-f.fontawesome.com
kit.fontawesome.com
lpimg.friends-with-benefits.com
my.link23456.com
q.clarity.ms
resources.blogblog.com
trk.securedconfirm.com
www.blogger.com
www.clarity.ms
www.googletagmanager.com
www.gstatic.com
162.255.119.48
172.67.139.119
18.197.191.217
20.110.205.119
20.231.53.73
23.202.61.116
2600:141b:b000::1737:ebc8
2600:141b:f000:3::17c8:4
2606:4700:4400::6812:2844
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80e::2001
2607:f8b0:4006:81e::2008
2607:f8b0:4006:821::2009
2607:f8b0:4006:823::200a
2620:1ec:bdf::40
2620:1ec:c11::237
3.121.161.178
34.96.102.137
52.21.124.51
02f43997f9636af74fc2387245054f2e934ae4b62c5389833fb5b6cf2eeba6f5
09f046c81e362c55171995f532ff18d7a4c9e0796c176677e7d3d08a269da0ca
180a448505dbc2b11f824a54b817750393cc5898a54e6d7eb9eddac137aa0dd7
2a6c224ac6862d46fa0c97441760f6213c044c0b09cae0a41305df821fe1e6d7
41fcbaa3bab253991f669647e28c1edd5c533b1b3679ef8a82af5244dac4249f
4adebd64125eeb6a1fcc93b747a69c661f20135919dbc3e9a3574cff2641406a
539b06bdc9c549a88fec7674b8b03e264f829756d6f76ef3b441d410d4b0816a
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
67bb2be6fdd9cf5ab7213b0611e0a9a59a2239509d3a61a2137ce51ac1df763b
69508117f692171e54b07a39c64621cd955d2b9ced0205c12ee01092c4092991
6cc95456945cebcd27216c692dafb23e15a9206461b691f40798a94c7369768c
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fdacd4522be0625b01322579e5bc7d2ac24a748bb905999d75742ce97aaba31
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81e6e6f544a2db83e611873b2b77745a20cb021929bbe2d6808ec08dfa6f16ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8681d699eb6d84c903820e0364ebe6cabf98150bb14c6659ecb2cf84a368f54e
995a30c618b3b3a3a379460039d9c949556eeaf26c470baeb39fcdd3d12923db
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a859243e16f4b34b1b9a8fd6195e5f28f4ea6381d82d8c9e31468f4a1eaab9cb
b1c9b96ac1e10e64f9a3b319298da97293681977c737ebe4cebfd5eb8507b855
b61e7fe807b13187a9ada0e9547662d4909a895e64fb46dd7c059a91a4afc6a5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c6462ecb1c90c7dcb654105ea5056923af1e065f475876f9334f91002f169eb8
c9db2cc35e47bf8dd3945662608d104ca8d0a7a5d53129bdd48aa58f3e0e0d0f
d215eca5df1a2b7edbe6e37b39337a7da33e012000c357be39c3806abd03c048
de1195828ec1d23d3453b10d87a96cd954390b779e5fbf5238a6f9ab65d683a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
f0322f62d67fb4da2b8d6e821bc8c8a321aeec1f8c6f28abd43b377f829f613e
f090abfd9db1d2cecd4458aa419e6132809851c82b33aa4c11ee91a03abd80f2
f2b19452ba4fc065cbed1167581ad6c5bc3b2829befe782a46457ce5ca069f74
f69db08b2787c9a23a0717c41fa10fef18b3d3f551b9d025c65abd1f64fa4e64
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda