urlscan.io logo urlscan.io
SecurityTrails logo

www.secretbenefits.com Open in urlscan Pro
104.17.207.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mainting-minues.xyz/08cfd36c-7f42-4542-9f4d-f640d268bfdf?variant=a1v54
Effective URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medi...
Submission: On September 08 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 31 HTTP transactions. The main IP is 104.17.207.19, located in and belongs to CLOUDFLARENET, US. The main domain is www.secretbenefits.com. The Cisco Umbrella rank of the primary domain is 246537.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.
This is the only time www.secretbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.22.112.25 14618 (AMAZON-AES)
1 1 18.213.16.6 14618 (AMAZON-AES)
1 17 104.17.207.19 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
3 142.251.163.97 15169 (GOOGLE)
2 142.251.167.95 15169 (GOOGLE)
1 104.16.56.101 13335 (CLOUDFLAR...)
1 172.253.63.94 15169 (GOOGLE)
5 142.251.111.139 15169 (GOOGLE)
1 172.253.63.154 15169 (GOOGLE)
1 158.69.52.117 16276 (OVH)
31 9
1    23.22.112.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-112-25.compute-1.amazonaws.com
mainting-minues.xyz
1    18.213.16.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-16-6.compute-1.amazonaws.com
exn98.voluumtrk.com
17    104.17.207.19 (None, )

ASN13335 (CLOUDFLARENET, US)
www.secretbenefits.com
system.secretbenefits.com
static.secretbenefits.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.trackjs.com
3    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
2    142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
1    104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
fonts.gstatic.com
5    142.251.111.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f139.1e100.net
www.google-analytics.com
1    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
stats.g.doubleclick.net
1    158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net
usage.trackjs.com
Apex Domain
Subdomains		 Transfer
17 secretbenefits.com
www.secretbenefits.com — Cisco Umbrella Rank: 246537
system.secretbenefits.com — Cisco Umbrella Rank: 690805
static.secretbenefits.com — Cisco Umbrella Rank: 370071
466 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
226 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
2 KB
2 trackjs.com
cdn.trackjs.com — Cisco Umbrella Rank: 13387
usage.trackjs.com — Cisco Umbrella Rank: 4193
10 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
351 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1103
7 KB
1 voluumtrk.com
exn98.voluumtrk.com — Cisco Umbrella Rank: 762131
1 KB
1 mainting-minues.xyz
mainting-minues.xyz
562 B
31 10
Domain Requested by
14 www.secretbenefits.com 1 redirects www.secretbenefits.com
cdn.trackjs.com
5 www.google-analytics.com www.googletagmanager.com
cdn.trackjs.com
3 www.googletagmanager.com www.secretbenefits.com
www.googletagmanager.com
2 static.secretbenefits.com www.secretbenefits.com
2 fonts.googleapis.com www.secretbenefits.com
1 usage.trackjs.com
1 stats.g.doubleclick.net cdn.trackjs.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com www.secretbenefits.com
1 system.secretbenefits.com www.secretbenefits.com
1 cdn.trackjs.com www.secretbenefits.com
1 exn98.voluumtrk.com 1 redirects
1 mainting-minues.xyz 1 redirects
31 13

This site contains links to these domains. Also see Links.

Domain
exn98.voluumtrk.com
Subject Issuer Validity Valid
secretbenefits.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
cdn.trackjs.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.trackjs.com
RapidSSL TLS RSA CA G1		 2023-07-31 -
2024-08-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Frame ID: 05978024442FCABE628B3941A44EFD0F
Requests: 29 HTTP requests in this frame

Frame: https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: FA358EAB252072A0A6AB91C8D25B3C8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Secret Benefits - Where Experienced & Attractive People Meet

Page URL History Show full URLs

  1. https://mainting-minues.xyz/08cfd36c-7f42-4542-9f4d-f640d268bfdf?variant=a1v54 HTTP 302
    https://exn98.voluumtrk.com/8617db48-ade7-4bac-917b-3fec9acf0798?utm_content=a1v54 HTTP 302
    https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

780 kB
Transfer

1854 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mainting-minues.xyz/08cfd36c-7f42-4542-9f4d-f640d268bfdf?variant=a1v54 HTTP 302
    https://exn98.voluumtrk.com/8617db48-ade7-4bac-917b-3fec9acf0798?utm_content=a1v54 HTTP 302
    https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request not%20escorts
www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/
Redirect Chain
  • https://mainting-minues.xyz/08cfd36c-7f42-4542-9f4d-f640d268bfdf?variant=a1v54
  • https://exn98.voluumtrk.com/8617db48-ade7-4bac-917b-3fec9acf0798?utm_content=a1v54
  • https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-...
11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
c45838cc216064427d1ad4646aad60c5c769c84a897e2ca2805eeae8b6e06f92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8034bcec5e8538e5-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 08 Sep 2023 05:19:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
link
<https://www.secretbenefits.com/assets/landings/montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/marketing.default-24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/bridge-5d73540becf9a7b6010ce6b4e42ed885a0866dd28025d2a43c1e8fe1c5389aef.js>; rel=preload; as=script; nopush,<https://www.secretbenefits.com/assets/public-8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4.js>; rel=preload; as=script; nopush,<https://www.secretbenefits.com/assets/validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js>; rel=preload; as=script; nopush
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
sb-version
202308100001
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
x-request-id
9faccc40-80f2-4e19-aa7a-e77ee3f088cd
x-runtime
0.029657
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Fri, 08 Sep 2023 05:19:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
pragma
no-cache
server
nginx
montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css
www.secretbenefits.com/assets/landings/ 		2 KB
692 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/assets/landings/montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 14:51:17 GMT
server
cloudflare
age
6709888
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8034bcee883438e5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Sep 2024 05:19:41 GMT
marketing.default-24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5.css
www.secretbenefits.com/assets/ 		140 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/assets/marketing.default-24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 08:18:59 GMT
server
cloudflare
age
2580095
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8034bcee883538e5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Sep 2024 05:19:41 GMT
bridge-5d73540becf9a7b6010ce6b4e42ed885a0866dd28025d2a43c1e8fe1c5389aef.js
www.secretbenefits.com/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/assets/bridge-5d73540becf9a7b6010ce6b4e42ed885a0866dd28025d2a43c1e8fe1c5389aef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d73540becf9a7b6010ce6b4e42ed885a0866dd28025d2a43c1e8fe1c5389aef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 14:51:56 GMT
server
cloudflare
age
3265802
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8034bcee883738e5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Sep 2024 05:19:41 GMT
public-8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4.js
www.secretbenefits.com/assets/ 		649 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/assets/public-8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Aug 2023 16:42:31 GMT
server
cloudflare
age
1341340
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8034bcee883938e5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Sep 2024 05:19:41 GMT
validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js
www.secretbenefits.com/assets/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/assets/validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:19:58 GMT
server
cloudflare
age
6709888
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8034bcee883a38e5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 07 Sep 2024 05:19:41 GMT
t.js
cdn.trackjs.com/agent/v3/latest/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

Referer
https://www.secretbenefits.com/
Origin
https://www.secretbenefits.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:42 GMT
content-encoding
gzip
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
last-modified
Thu, 05 Aug 2021 14:40:38 GMT
server
AmazonS3
x-amz-request-id
NP9B6Q5R8GNEQEFA
etag
"48ead32171e554edb2744890102504b0"
x-hw
1694150382.cds183.ch4.hn,1694150382.cds215.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-max-age=3600, max-age=604800, public
x-amz-meta-content-type
application/javascript
accept-ranges
bytes
content-length
9283
x-amz-id-2
Upj2eiIKmgUYsaT5YRx3H1BBsrIGSKYHgJYN01iTjT+gAwWCKsfa8EBDna0Wl+jP03e/EpxsUdI=
js
www.googletagmanager.com/gtag/ 		215 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
635c0b19dbcd766e2acbd226f3f67df515fa0896e591a05952ba6102dbef7562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Sep 2023 05:19:42 GMT
script.js
www.secretbenefits.com/js/ 		1 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/js/script.js
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 14:24:30 GMT
server
cloudflare
age
53712
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
cross-origin-resource-policy
cross-origin
cf-ray
8034bcf0bf1e542b-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 09 Oct 2023 05:19:42 GMT
dd93c6567418dafcf478ded5ff4bc157.png
system.secretbenefits.com/1f6d1f980e1fe0855b17346bc9bd4d5d/ 		195 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://system.secretbenefits.com/1f6d1f980e1fe0855b17346bc9bd4d5d/dd93c6567418dafcf478ded5ff4bc157.png
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b024456eab8d63dd944967d80acc0316cf8618549d0001b7b968ff5e1aa4667

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:42 GMT
cf-cache-status
HIT
x-amz-request-id
FQPJRMSJ1Z73JMH5
age
6447
alt-svc
h3=":443"; ma=86400
content-length
199558
x-amz-id-2
5S8QND3i7SRoT2zkfOz7mPY7d0X7zQKZz3akXjCFZiqVzQseK2ZEcZJhlrqOtZDupdcbbs97r7egXN3nyCmhuQ==
last-modified
Wed, 21 Sep 2022 14:51:48 GMT
server
cloudflare
etag
"dea48fc547f3253e9b6a14c629006679"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8034bcf0fa1138e5-YYZ
expires
Mon, 09 Oct 2023 05:19:42 GMT
css2
fonts.googleapis.com/ 		12 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
38d88460abbde9b5233bb92609fe2dcd8d10e94dad6cd8b41faf09de0471c0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 05:19:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 05:19:41 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Sep 2023 05:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 05:19:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Sep 2023 05:19:41 GMT
SB-IconFont.woff2
static.secretbenefits.com/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.secretbenefits.com/fonts/SB-IconFont.woff2
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107b2ce10a06f9f4dc41dfc13558927bc1f9480703ec5c532d614406a63ec511

Request headers

Referer
https://www.secretbenefits.com/
Origin
https://www.secretbenefits.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:41 GMT
x-amz-version-id
null
via
1.1 9efae6bd11203a2d6052a905ad31f308.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD56-P9
age
4538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13612
last-modified
Fri, 07 Jul 2023 14:01:00 GMT
server
cloudflare
etag
"45adbd516e09e40d63dda4021b346710"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8034bcef5d7f39f9-YYZ
x-amz-cf-id
MgGz3vZyS1AD_YXML3rdRnP3SWGBcLuyqUhGGYqBzP11-HQRlCAknw==
expires
Mon, 09 Oct 2023 05:19:41 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://www.secretbenefits.com/
Origin
https://www.secretbenefits.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:42 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8034bcf33ed6a1ed-YYZ
logo-white.svg
static.secretbenefits.com/themes/default/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.secretbenefits.com/themes/default/logo-white.svg
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7780831ffa9962c47c5a50b51e548eb06b24cc191a37ec261c82c359f62f5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
PKK63A73VFVQCHP5
age
4074
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OnecUMiR1qzunPIc3W5mhfW3qvMQrbBwUEq9UL6EFU9Wax15IRr9SdjWO86BATy7VyYiECvm7jQ=
last-modified
Wed, 05 Apr 2023 07:45:35 GMT
server
cloudflare
etag
W/"8626716976e9c6ab86f08273dc81e483"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2678400
cf-ray
8034bcf61b37542b-YYZ
expires
Mon, 09 Oct 2023 05:19:43 GMT
NaO5cZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JUoVt_c_v1HvwJd2uoHzgCEBtOHRsTftDvFHTjLI5Ug8R7Ia1uZfB0nw9Cgdm9oYDZAEs57Ux2xfP1zPcIDZt3xnf9dHnhdhChXfgV.woff2
fonts.gstatic.com/s/robotoflex/v9/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoflex/v9/NaO5cZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JUoVt_c_v1HvwJd2uoHzgCEBtOHRsTftDvFHTjLI5Ug8R7Ia1uZfB0nw9Cgdm9oYDZAEs57Ux2xfP1zPcIDZt3xnf9dHnhdhChXfgV.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
53332adcfa31b48320b85b358003e317af419379dfe29ad56fe877704cfaedde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.secretbenefits.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:01:09 GMT
x-content-type-options
nosniff
age
83914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48644
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 19:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 06:01:09 GMT
collect
www.google-analytics.com/g/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PNCMZBZDY8&gtm=45je3960&_p=704814078&cid=952849824.1694150383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694150383&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fvoluum_montreal_d_124_c%2Fll_sp%2Fnot%2520escorts%3Futm_campaign%3Dll_sp%26utm_source%3Dll_sp%26utm_medium%3Dad%26utm_term%3Dnot%2520escorts%26utm_content%3Dad%26cep%3DQ6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw%26lptoken%3D165294dd15eb21b8811f&dt=Secret%20Benefits%20-%20Where%20Experienced%20%26%20Attractive%20People%20Meet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 05:19:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secretbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
acc1c04efd6a7e1dbc4ec2e5f41df4a14bc1edf413d88550431a6cebfb73780f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68332
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Sep 2023 05:19:43 GMT
event
www.secretbenefits.com/api/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/api/event
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
8034bcf67b78542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F4LUzCkYNCWsFfEB7iEh
visits
www.secretbenefits.com/ahoy/ 		56 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/ahoy/visits
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
0fd0660e4b60c2b4892d7bfddfd6471f1f6d869d78df47d0e382b1a3ae55f292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
X-Requested-With
XMLHttpRequest
X-CSRF-Token
ZI61iBYXPmjTQFZ3oJNTazeYCdSyt8Ajhl8KhvWyGUvkm0qItIC3dsS537Tz1dFCgf9reUO6l_6egWBCtTnl7g
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
sb-version
202308100001
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d226efe4-4721-46a5-8b12-d7e536188497
pragma
no-cache
x-runtime
0.006188
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0fd0660e4b60c2b4892d7bfddfd6471f"
x-download-options
noopen
vary
Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-store
cf-ray
8034bcf68b7a542b-YYZ
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
www.secretbenefits.com/ahoy/ 		0
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/ahoy/events
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/public-8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjIwLeX9qzyBnMB7K

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
sb-version
202308100001
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f776e8e8-0503-4e0c-9502-4f01c66ce086
pragma
no-cache
x-runtime
0.008289
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-store
cf-ray
8034bcf68b7c542b-YYZ
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.js
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ Frame FA35
Redirect Chain
  • https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
Protocol
H3
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b24620d1fa9d2f939e393886a98ccdef8d647a6ae104b71f41b0935b924db5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8034bcf70bca542b-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 08 Sep 2023 05:19:43 GMT
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8034bcf6cbaa542b-YYZ
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		243 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G28DQ6FYF9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3f035c251e8966c5ec04b82065baaccb33a4c04f53560d6e37e6f276e03d32e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Sep 2023 05:19:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Sep 2023 04:32:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2830
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 08 Sep 2023 06:32:33 GMT
8034bcec5e8538e5
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FA35 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/8034bcec5e8538e5
Requested by
Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
content-encoding
br
server
cloudflare
cf-ray
8034bcf81c65542b-YYZ
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=704814078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fvoluum_montreal_d_124_c%2Fll_sp%2Fnot%2520escorts%3Futm_campaign%3Dll_sp%26utm_source%3Dll_sp%26utm_medium%3Dad%26utm_term%3Dnot%2520escorts%26utm_content%3Dad%26cep%3DQ6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw%26lptoken%3D165294dd15eb21b8811f&ul=en-us&de=UTF-8&dt=Secret%20Benefits%20-%20Where%20Experienced%20%26%20Attractive%20People%20Meet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1302377278&gjid=222229363&cid=952849824.1694150383&tid=UA-489364-37&_gid=2074623618.1694150383&_r=1&gtm=457e3960&jsscut=1&z=687364721
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secretbenefits.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 05:19:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secretbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-G28DQ6FYF9&gtm=45je3960&_p=704814078&cid=952849824.1694150383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694150383&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fvoluum_montreal_d_124_c%2Fll_sp%2Fnot%2520escorts%3Futm_campaign%3Dll_sp%26utm_source%3Dll_sp%26utm_medium%3Dad%26utm_term%3Dnot%2520escorts%26utm_content%3Dad%26cep%3DQ6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw%26lptoken%3D165294dd15eb21b8811f&dt=Secret%20Benefits%20-%20Where%20Experienced%20%26%20Attractive%20People%20Meet&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G28DQ6FYF9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 05:19:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secretbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-489364-37&cid=952849824.1694150383&jid=1302377278&gjid=222229363&_gid=2074623618.1694150383&_u=YADAAUAAAAAAACAAI~&z=906271213
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secretbenefits.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 08 Sep 2023 05:19:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secretbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
usage.gif
usage.trackjs.com/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=c186aa1a0614494d9fe42ffe9ff4cb35&correlationId=603429d3-09fc-4eb2-88a2-7885065ed664&application=production&x=a3383211-38f0-4234-a511-9f078c4b9b4c&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
prd-usage-3.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Fri, 08 Sep 2023 05:19:43 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
www.secretbenefits.com/cdn-cgi/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secretbenefits.com/cdn-cgi/rum?
Requested by
Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.207.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.secretbenefits.com/welcome/voluum_montreal_d_124_c/ll_sp/not%20escorts?utm_campaign=ll_sp&utm_source=ll_sp&utm_medium=ad&utm_term=not%20escorts&utm_content=ad&cep=Q6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw&lptoken=165294dd15eb21b8811f
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
application/json

Response headers

date
Fri, 08 Sep 2023 05:19:43 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.secretbenefits.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8034bcf8accd542b-YYZ
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PNCMZBZDY8&gtm=45je3960&_p=704814078&cid=952849824.1694150383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694150383&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fvoluum_montreal_d_124_c%2Fll_sp%2Fnot%2520escorts%3Futm_campaign%3Dll_sp%26utm_source%3Dll_sp%26utm_medium%3Dad%26utm_term%3Dnot%2520escorts%26utm_content%3Dad%26cep%3DQ6ohCvJIJSlhhdkN7ANLO-56kLAJCbDegnznJGNxC-jgrzyKYG3Vpr1S8Dw3DU9WmFsxmKvR_4S8ypBXublj1KUUCU9zzuDJGHxWAFtxQc1_D54IZcvDpYXF9QoZPTQdelg31Ub2IuZTMhICm5NhujbdFrYghu_JnK-tSkxgziRuf496C_EQ9idjiavmoKSWGkha8lQ9w4AS1HuiEG8O5HHK_J2M3BBLSPeV5wiRlFbu29fWpZXHT7Sb3cSqpQtf56iuHE0mcTW76hy2Vuviot09EEzaGMNuDsJQyg-JAb27NYWh-gIYUO0BI8ndB5z8e_i7DfRii7J-m3f8KKJr8VSIq9F8oeOr-SPzUpxAIgc2LhpTMyRDej6-rjMWC5emKV4ZLM8nZeAf-kS3ghb7vw%26lptoken%3D165294dd15eb21b8811f&dt=Secret%20Benefits%20-%20Where%20Experienced%20%26%20Attractive%20People%20Meet&en=scroll&epn.percent_scrolled=90&_et=46
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.secretbenefits.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Sep 2023 05:19:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secretbenefits.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| trackJs object| TrackJS function| gtag object| dataLayer function| sign_fn function| linkPrefetchStrategy object| SA function| $ function| jQuery function| clearImmediate function| setImmediate object| regeneratorRuntime object| angular function| _ object| Cookies object| google_tag_manager object| google_tag_data object| ClientSideValidations object| gaGlobal function| plausible object| __cfBeacon string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

15 Cookies

Domain/Path Name / Value
.mainting-minues.xyz/ Name: 08cfd36c-7f42-4542-9f4d-f640d268bfdf-v4
Value: 7Go4BoNKh1p4QavZik7hBho7E-EBJYbVulYn3UjvLX4
.mainting-minues.xyz/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wl58ahmc6m2n9ler2ev5ou8g%22%2C%22caid%22%3A%2208cfd36c-7f42-4542-9f4d-f640d268bfdf%22%7D
.exn98.voluumtrk.com/ Name: 8617db48-ade7-4bac-917b-3fec9acf0798-v4
Value: HOafdK6yqTJT4326Xhc0iYB1ae8ZnXtd6gSc7IYLBVQ
.exn98.voluumtrk.com/ Name: cep-v4
Value: p0MTC_lngSikyKpYPxWGPBP5IvE-jx8GErYqL7EB0kT5sxt-95ROX-dpEdm4Ds-mwMv_0mxOukVQolVkCVO6BOSrvK9CsYQz-BXFk7PCqyxeRttOsQtMQquTLkA6XhYpQQombqnr0Z1NX18lstSF6Vt4NDDAEn8poo0AzYuXOi3FBiy8Cjq7sk46L9ny6tjoF3dvRMpsE7QnvYbIFSsIeBoEv6U2H9GRshQ4EeDxe2hSMddKD2RHGyKg2_fd5_-LYE4lrBd_FsWoLFLs9whv7fejAPZmtlR8WVWFhzNvlkdMwD5wU9QJnDiDzONSSeQyIM4vSiORVg7RmV43FD_YXxVKPvDGcH0I5--8D0CfO1OJA1z9gih5C2PU_jSC9yBEDaEdLzRYWpBswVxch1Ql1w
www.secretbenefits.com/ Name: device
Value: mA6cPDuKykis5LqNoPTqT4wJPuFS36H%2Fs73i%2Bi5euWMU4kuT9uyYOmGy6xa0H9n6P%2BQ%2F7Fd69WcYwuy%2Byao2lXRUMPDsM%2BPrT3jDOZNsQQhOJqEXvOvcQp2gmop9qJSG7wEmaOgCwLNLYPNnF8g%3D--gIvkpSB5bT8Wvoxy--ccg%2FTUaVdH7J6t75Iaj7Lg%3D%3D
.secretbenefits.com/ Name: __cf_bm
Value: l5zprCfe8jcssiZ.DhpAf8RguhHgqm2InO32yf4zUUE-1694150381-0-AZTONQqIsVotKlflhYNhO+NZkC+jp+JA2IKOcflfxsakdisjRs9zA/LgocOXC6iY7+Az+hIOIndFoFatSah2VGI=
www.secretbenefits.com/ Name: ahoy_visitor
Value: d8e009eb-e725-4f94-a2b5-92b654412f81
.secretbenefits.com/ Name: _ga_PNCMZBZDY8
Value: GS1.1.1694150383.1.0.1694150383.0.0.0
www.secretbenefits.com/ Name: ahoy_visit
Value: 5dG2Xc%2FT9ZZxLgdvf0nIT57RUja1cCyiyAS7pu93C%2BtvRcen1xKrg7YgSSVeXxL5j6ah%2F4VrgJ7wBZq%2FJ7JyLxlatKK3W4KqPSHV6VfY--keT88xVKpBhpSPFv--9egZ4q79aMgpAs6Z%2B7%2BCjA%3D%3D
.www.secretbenefits.com/ Name: _matchmaker_session
Value: JE0oz2mYChWz%2ByaWmhZQAOfeMLANOufS08DPzYsdKCZHpG8KhZeV9LufHAEyNc4MWIl9AnJY%2FzjRQrYu%2FF0LULaw%2FCu0TL3yAThhMHNRbVN9%2BnaHnUrRYyqwG4UncF7Dsrum6jWQQnKMEQNjT8IwUPPpcd7VKnW4HfvWIXe755DfkZkuwPII5ZmdcahjpCioYURFjrRCGNbnJgPqOnNttI%2B6G38%2FOYPzGMYGnZgyZ6t02kZ3V2sSi1OpX83VX5hoBhgxnbS1sK3Wk%2FTBBG0O7wbITtrtR50nCSn3qcNBUX1T6s3etkGsjLoDJJoK1zy%2Fzv9%2BvfXz4OLO3uS910guF2Lw%2FSXvkRjaCqY%2Bx1CoYmbT5R9wqkCa%2Ftwu1MQyJpl3QMjJhVKgowLi2ko%2FcrlRUsr8zv51H87%2BPnwnLDOD2K7FtPN8YPc9fYrhdMKg0KEW%2Fy5atSSo4RMuV%2FK%2BTdz25Ws4aE5SUoWD5OBcAd0%3D--v8Hekmzr8p7naPvp--KY0jQO5cXCkpLCrP1qSr0Q%3D%3D
.secretbenefits.com/ Name: _gid
Value: GA1.2.2074623618.1694150383
.secretbenefits.com/ Name: _gat_gtag_UA_489364_37
Value: 1
.secretbenefits.com/ Name: cf_clearance
Value: Ov1spx4n97sxH7JFVtEHU.pflx8N5JprUS2kHwjhcEY-1694150383-0-1-46c6d593.724ecb20.36619d77-0.2.1694150383
.secretbenefits.com/ Name: _ga_G28DQ6FYF9
Value: GS1.1.1694150383.1.0.1694150383.0.0.0
.secretbenefits.com/ Name: _ga
Value: GA1.1.952849824.1694150383

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.trackjs.com
exn98.voluumtrk.com
fonts.googleapis.com
fonts.gstatic.com
mainting-minues.xyz
static.cloudflareinsights.com
static.secretbenefits.com
stats.g.doubleclick.net
system.secretbenefits.com
usage.trackjs.com
www.google-analytics.com
www.googletagmanager.com
www.secretbenefits.com
104.16.56.101
104.17.207.19
142.251.111.139
142.251.163.97
142.251.167.95
151.139.128.10
158.69.52.117
172.253.63.154
172.253.63.94
18.213.16.6
23.22.112.25
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0fd0660e4b60c2b4892d7bfddfd6471f1f6d869d78df47d0e382b1a3ae55f292
107b2ce10a06f9f4dc41dfc13558927bc1f9480703ec5c532d614406a63ec511
24d53e90293ab7f61902ac7932e3ebbe1b25da00efb7109140f6e1a67c3badd5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
38d88460abbde9b5233bb92609fe2dcd8d10e94dad6cd8b41faf09de0471c0d9
3b024456eab8d63dd944967d80acc0316cf8618549d0001b7b968ff5e1aa4667
3f035c251e8966c5ec04b82065baaccb33a4c04f53560d6e37e6f276e03d32e5
53332adcfa31b48320b85b358003e317af419379dfe29ad56fe877704cfaedde
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5d73540becf9a7b6010ce6b4e42ed885a0866dd28025d2a43c1e8fe1c5389aef
635c0b19dbcd766e2acbd226f3f67df515fa0896e591a05952ba6102dbef7562
6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
8740492b04fbe4372df3d995b5cc67b5583cc5fc3ba65120b6cc51a0831b7ab4
8b24620d1fa9d2f939e393886a98ccdef8d647a6ae104b71f41b0935b924db5c
acc1c04efd6a7e1dbc4ec2e5f41df4a14bc1edf413d88550431a6cebfb73780f
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c45838cc216064427d1ad4646aad60c5c769c84a897e2ca2805eeae8b6e06f92
cd7780831ffa9962c47c5a50b51e548eb06b24cc191a37ec261c82c359f62f5b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855