www.secretbenefits.com Open in urlscan Pro
104.16.117.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
Effective URL:
https://www.secretbenefits.com/at/
Submission: On May 27 via manual (May 27th 2025, 10:03:54 pm UTC) from US — Scanned from AT

Summary HTTP 30 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 30 HTTP transactions. The main IP is 104.16.117.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.secretbenefits.com. The Cisco Umbrella rank of the primary domain is 266872.
TLS certificate: Issued by WE1 on May 27th 2025. Valid for: 3 months.

This is the only time www.secretbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:26d... 2600:9000:26db:5000:9:11e9:900:93a1	16509 (AMAZON-02) (AMAZON-02)
2 22	104.16.117.42 104.16.117.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20a... 2600:9000:20ae:ee00:7:ffc7:5a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	54.230.228.76 54.230.228.76	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	148.113.163.172 148.113.163.172	16276 (OVH OVH SAS) (OVH OVH SAS)
30	10

2 2600:9000:26db:5000:9:11e9:900:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

go.bushheel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.16.117.42 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ae:ee00:7:ffc7:5a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-76.muc50.r.cloudfront.net

api.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.163.172 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: prd-usage-5.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	secretbenefits.com 2 redirects www.secretbenefits.com — Cisco Umbrella Rank: 266872 api.secretbenefits.com — Cisco Umbrella Rank: 336938 static.secretbenefits.com — Cisco Umbrella Rank: 468350	233 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
2	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 37813 usage.trackjs.com — Cisco Umbrella Rank: 12196	11 KB
2	bushheel.com 2 redirects go.bushheel.com	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1949
1	gstatic.com fonts.gstatic.com	43 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 585	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	116 KB
30	8

	Domain	Requested by
12	www.secretbenefits.com	2 redirects www.secretbenefits.com cdn.trackjs.com
10	static.secretbenefits.com	www.secretbenefits.com cdn.trackjs.com
2	fonts.googleapis.com	www.secretbenefits.com
2	api.secretbenefits.com	www.secretbenefits.com cdn.trackjs.com
2	go.bushheel.com	2 redirects
1	usage.trackjs.com
1	region1.google-analytics.com	cdn.trackjs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	www.secretbenefits.com
1	www.googletagmanager.com	www.secretbenefits.com
1	cdn.trackjs.com	www.secretbenefits.com
30	11

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
www.aboutads.info
www.google.com

Subject Issuer	Validity	Valid
secretbenefits.com WE1	`2025-05-27` - `2025-08-25`	3 months	crt.sh
cdn.trackjs.com R11	`2025-04-15` - `2025-07-14`	3 months	crt.sh
*.google-analytics.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
upload.video.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
*.gstatic.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.trackjs.com RapidSSL TLS RSA CA G1	`2024-08-05` - `2025-08-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.secretbenefits.com/at/
Frame ID: 9FC6612CA790E6B672CAC7135D9FB802
Requests: 28 HTTP requests in this frame

Frame: https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js
Frame ID: E308F126376BE818D1A473A9624113AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secret Benefits - Where Experienced & Attractive People Meet

Page URL History Show full URLs

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Pop... HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Pop... HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=P... HTTP 302
https://www.secretbenefits.com/ HTTP 301
https://www.secretbenefits.com/at/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

30
Requests

97 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

411 kB
Transfer

1052 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/secretbenefitsofficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SecretBenefitsOfficial

Search URL Search Domain Scan URL

URL: https://twitter.com/secretbenefits

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: http://www.aboutads.info/choices/

Search URL Search Domain Scan URL

URL: https://www.google.com/ads/preferences/
Title: http://www.google.com/ads/preferences/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 302
https://www.secretbenefits.com/ HTTP 301
https://www.secretbenefits.com/at/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.secretbenefits.com/at/
Redirect Chain

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://www.secretbenefits.com/
https://www.secretbenefits.com/at/

58 KB
15 KB

132ms
132ms

Document
text/html

104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/at/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

f226cc511c6edd713b0e4ca8761d6f2a241f5dcd32f8acda677924b2022b272e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 9468ce162a876e15-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 27 May 2025 22:03:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
link: <https://www.secretbenefits.com/assets/landings/homepage-7432789b16ec35b16e6f50b84a70bcaa082f9433ba2d379f663056af7a797c9e.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/vanilla-675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91.js>; rel=preload; as=script; nopush
pragma: no-cache
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
sb-version: 2025_03_10_0001
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfExtPri
status: 200 OK
vary: accept-encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R)
x-request-id: 77e7d8e1-66cb-400d-a8be-498c45f01377
x-runtime: 0.066652
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9468ce1548ec6e15-FRA
content-type: text/html; charset=utf-8
date: Tue, 27 May 2025 22:03:55 GMT
location: https://www.secretbenefits.com/at/
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
sb-version: 2025_03_10_0001
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfExtPri
status: 301 Moved Permanently
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R)
x-request-id: 967dce2f-d005-40d9-aff3-aee488e3bbed
x-runtime: 0.004455
x-xss-protection: 1; mode=block

GET
H3 200 homepage-7432789b16ec35b16e6f50b84a70bcaa082f9433ba2d379f663056af7a797c9e.css
www.secretbenefits.com/assets/landings/ 2 KB
891 B 44ms
43ms Stylesheet
text/css 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/landings/homepage-7432789b16ec35b16e6f50b84a70bcaa082f9433ba2d379f663056af7a797c9e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7432789b16ec35b16e6f50b84a70bcaa082f9433ba2d379f663056af7a797c9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/at/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1867936
cf-ray: 9468ce170beb6e15-FRA
expires: Wed, 27 May 2026 22:03:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/css
last-modified: Wed, 26 Jul 2023 08:34:09 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
www.secretbenefits.com/assets/ 223 KB
33 KB 50ms
50ms Stylesheet
text/css 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/at/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1091742
cf-ray: 9468ce170bee6e15-FRA
expires: Wed, 27 May 2026 22:03:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/css
last-modified: Wed, 07 May 2025 10:10:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 vanilla-675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91.js Show response
www.secretbenefits.com/assets/ 102 KB
32 KB 46ms
45ms Script
application/javascript 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/vanilla-675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/at/

Response headers

server: cloudflare
cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 1071188
cf-ray: 9468ce170bf06e15-FRA
expires: Wed, 27 May 2026 22:03:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: application/javascript
last-modified: Thu, 15 May 2025 12:28:17 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
11 KB 143ms
57ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: zstd
etag: "f62a120cfe36e652de667aaed72b7815"
date: Tue, 27 May 2025 22:03:55 GMT
last-modified: Wed, 06 Dec 2023 15:35:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-amz-id-2: VWboTztLhpmKLjKZrVNWJbfcFi33I3RTP9AK8yqbrNBB+Zbzk5ofCeJsVtpbLNiO9vVo1+OyNXQ=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
x-amz-meta-content-type: application/javascript
cache-control: public, max-age=604800, s-max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-requestpullcode: 200
cdn-uid: cd4e6a4c-6811-495a-bea9-94fbb4c46859
cdn-requestid: 310cf5d036891d5165cd9540340bf01f
cdn-pullzone: 1606702
cdn-proxyver: 1.28
x-amz-request-id: GR4EZ9XQ7F2HEZ0H
access-control-allow-origin: *
cdn-cachedat: 05/26/2025 19:55:30
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: AT
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 327 KB
116 KB 126ms
61ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5944fc42bbe3c16fee7eccdbf22b8a6625aed745cebbd7c24b75b00002aadcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Tue, 27 May 2025 22:03:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 22:03:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 117683
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.js Show response
api.secretbenefits.com/js/ 1 KB
1 KB 180ms
74ms Script
application/javascript 2600:9000:20ae:ee00:7:ffc7:5a40:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://api.secretbenefits.com/js/script.js

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ae:ee00:7:ffc7:5a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 65bfa9839a30709dc259dc9134cf67b2.cloudfront.net (CloudFront)
apigw-requestid: LP1_4jB5DoEEJIg=
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 0BmXwheu0UuOxNHbkG82Mp-qzXh8ooN2QVsI3t4MEGWTn35fwwoj-Q==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
server: Cowboy
x-amz-cf-pop: MUC50-P5

GET
H3 204 fs Show response
www.secretbenefits.com/api/ 0
1 KB 77ms
76ms Script
text/plain 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/api/fs

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/at/

Response headers

x-request-id: badb5da7-a0ca-4fba-9b3c-5093b7fd5420
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
status: 204 No Content
sb-version: 2025_03_10_0001
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
x-runtime: 0.009657
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
cache-control: no-store
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 9468ce17fd166e15-FRA
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
946 B 111ms
39ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f686cb77587016533d7cddd47b54f9cfbd52344eac32b5e7f174d396a496621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 22:03:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 22:03:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
920 B 109ms
38ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 22:03:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 22:03:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 SB-IconFont.woff2
static.secretbenefits.com/fonts/ 14 KB
14 KB 94ms
47ms Font
font/woff2 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.secretbenefits.com/fonts/SB-IconFont.woff2
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719ee5dc29c5f69a7a968729fcd7b3fdf1be00f54fd978d08865f1eff01c4aa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

access-control-expose-headers: *
cf-cache-status: HIT
etag: "514326055f8df0944c5f40c522e21919"
x-amz-version-id: null
age: 4695
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: xy8Sf7utUMF8E9Bh2pGsWYPYo1FpPskt_U0TVSJ2r1pyGuirkWeFVg==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: font/woff2
last-modified: Fri, 13 Dec 2024 09:53:26 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
cf-ray: 9468ce174b38bbbc-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13892
x-amz-cf-pop: FRA56-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 logo-full.svg
static.secretbenefits.com/themes/default/ 4 KB
2 KB 101ms
90ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/logo-full.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f31eed17a534ab3deca93d382beab89ccb30aecc9d3f2f1c08453c2cb26300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"c51b51602a1a74e6b12df71eb51cb3da"
x-amz-version-id: null
age: 6757
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: W-EoVnZOogI51s-mevvKsnlYxbuhTWVDAacb-wQOjTwFkJSIIrQQYw==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Dec 2024 09:53:34 GMT
vary: accept-encoding, Origin
priority: u=3,i
server-timing: cfExtPri
via: 1.1 1ff9d0c32becda5c2e90d54c072dc2b2.cloudfront.net (CloudFront)
cf-ray: 9468ce171c0a6e15-FRA
x-amz-cf-pop: MXP53-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 phone@1x.webp
static.secretbenefits.com/themes/default/homepage-v2/hero/ 92 KB
92 KB 110ms
99ms Image
image/webp 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/homepage-v2/hero/phone@1x.webp
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e0a84444df6de562552e0f7a59520186c37aaf34d99b75f4e7a895ef872cbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cf-cache-status: HIT
x-amz-version-id: null
etag: "1b0c3e4cbd7a53546a6f5114490d49d3"
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 6NDMbUXK9fWOx9Rv9W1LFipQV6L4NDazdpAYGiPn7DPKhlyKHXZ9Qg==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 08:23:44 GMT
vary: Origin, Accept-Encoding
priority: u=2,i
server-timing: cfExtPri
via: 1.1 367b18a5571985d055eac84196585d4e.cloudfront.net (CloudFront)
cf-ray: 9468ce171c076e15-FRA
accept-ranges: bytes
content-length: 93738
x-amz-cf-pop: WAW51-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 logo-icon-black.svg
static.secretbenefits.com/themes/default/ 2 KB
1 KB 40ms
40ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/logo-icon-black.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8247340122855369e502d93b27b87c12fb3280113d850a2b8b4a4e26bc2e7e9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"8a03403537d6b097d35a575e0ee390c7"
x-amz-version-id: null
age: 6390
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: iGAsPkqjTkIg2s_sqi8eXbZbjdMiTmmrMkoN-3ndFgk0AWTxaXJsPA==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2025 13:11:40 GMT
vary: accept-encoding, Origin
priority: u=2,i
server-timing: cfExtPri
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
cf-ray: 9468ce17accb6e15-FRA
x-amz-cf-pop: FRA56-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 98ms
37ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/at/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9468ce185cb6d395-FRA
access-control-allow-origin: *
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 NaOkcZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JcoVt_c6X1HvwJZVPEHzgCEJvQGxsTftDdFHTjLI7UscR7Ia1XKeBFnA9CgYu4oYDZDnFJjU12xfOVjfcIDYdD5lf9dHnhvlKLUdD4AoCXMkIFXCRLVhgiWA.woff2
fonts.gstatic.com/s/robotoflex/v27/ 43 KB
43 KB 80ms
35ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v27/NaOkcZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JcoVt_c6X1HvwJZVPEHzgCEJvQGxsTftDdFHTjLI7UscR7Ia1XKeBFnA9CgYu4oYDZDnFJjU12xfOVjfcIDYdD5lf9dHnhvlKLUdD4AoCXMkIFXCRLVhgiWA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

877ac7273d0973d1cbbe3c2b6f2fc382c423e4d5892dfc444a108a6cbe220732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://fonts.googleapis.com/

Response headers

age: 45312
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:28:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:28:43 GMT
last-modified: Mon, 06 Jan 2025 17:45:57 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44260
x-xss-protection: 0
server: sffe

GET
H3 200 icons.svg Show response
static.secretbenefits.com/icons/ 95 KB
24 KB 46ms
46ms Fetch
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.secretbenefits.com/icons/icons.svg
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3856d85b251eca942352349093e54d2874880ec041f46a25029bf3e6f7e84ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"0edf8443dbab72b00127697636f55a98"
age: 6392
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: VyuGaSybZMepewnvhIq2-YAkSFZ-HewZVYwR8GoBoehb2DXPYKor8A==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Apr 2025 08:23:40 GMT
vary: accept-encoding
priority: u=1,i
server-timing: cfExtPri
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cf-ray: 9468ce180ba6bbbc-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 Oval1.svg
static.secretbenefits.com/themes/default/ 868 B
950 B 43ms
42ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/Oval1.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e443939201fb3bfff07cb7511d854db4ff02caf6b0c610e7ea405ea059ec09bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"40c502a95e408b7ab2893cd3239d33d2"
age: 6391
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: wsOXA2bg1phFsbzZMz1vkGev11agcstaahHndPkqD7_3BRExjYpt3Q==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Apr 2025 08:23:43 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
server-timing: cfExtPri
via: 1.1 6428e95a922cddbf9a5f5c4688d20690.cloudfront.net (CloudFront)
cf-ray: 9468ce182d346e15-FRA
x-amz-cf-pop: WAW51-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 Oval2.svg
static.secretbenefits.com/themes/default/ 783 B
902 B 43ms
42ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/Oval2.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a4b48727bbe024ff098877b392aa8a83da50e93fa413518cef713e25568ef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"aec2275419fd7d4cf9bb6a554bc75326"
age: 972
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: s2_j5tn-M_3t8scEKc4cWqTUyh5L7G8xKk4YYkUxR7aWuDKHDbyKyw==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Apr 2025 08:23:43 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
server-timing: cfExtPri
via: 1.1 4faccde4f27450cdd8c87db9004d8fe0.cloudfront.net (CloudFront)
cf-ray: 9468ce182d366e15-FRA
x-amz-cf-pop: OTP50-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 a-check.svg
static.secretbenefits.com/themes/default/homepage/ 1012 B
919 B 48ms
48ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/homepage/a-check.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7178a12b33fd382ebf32a4ef5fc5b2d222ebde4acda7aca3d6b3ae2fdccbdbf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"61c00ed03a796dbb606350e1c62201e6"
x-amz-version-id: null
age: 1074
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: hF_klbVcfzmsZ29oOJhtJ2CLK8p3PY5aPaM2m3ivSYrYbFMZrvHaBA==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Fri, 10 Jan 2025 13:11:40 GMT
vary: accept-encoding, Origin
priority: u=3,i
server-timing: cfExtPri
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
cf-ray: 9468ce182d376e15-FRA
x-amz-cf-pop: FRA56-P5
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 talk-icon.svg
static.secretbenefits.com/themes/default/homepage/ 972 B
965 B 47ms
46ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/homepage/talk-icon.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237796f883b0d7e38213cee8cf1ea1d3f6f318e4c508226b111b44304c806d18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"d19cd1bca0e23f238323899b144d45c4"
age: 6389
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: DFdekjgrxfXX3sFneFQwTTB5fZkHvHJ6dewSRaukk_lrPNKfLdKzDQ==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Apr 2025 08:23:44 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
server-timing: cfExtPri
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cf-ray: 9468ce182d386e15-FRA
x-amz-cf-pop: VIE50-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 meet-icon.svg
static.secretbenefits.com/themes/default/homepage/ 587 B
786 B 47ms
47ms Image
image/svg+xml 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/homepage/meet-icon.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61858b1e44a79e99b5856afdec7d2be81386bdf9106345e9f16ece7987829c5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"b553f43fe03ec7ccb91f9138e2c07419"
age: 6389
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZsoinADHUx52CeDsLpzqxPXEJWSSNVVPrEpVDpQG0Nmc6tbLbrkOgw==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Mar 2025 13:47:52 GMT
vary: accept-encoding
priority: u=3,i
server-timing: cfExtPri
via: 1.1 fb60bb37778839b51bfea3a34907efd0.cloudfront.net (CloudFront)
cf-ray: 9468ce182d3a6e15-FRA
access-control-allow-origin: *
x-amz-cf-pop: ARN53-P2
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 202 event Show response
api.secretbenefits.com/api/ 2 B
357 B 170ms
133ms XHR
text/plain 54.230.228.76
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.secretbenefits.com/api/event
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 54.230.228.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-76.muc50.r.cloudfront.net
Software: Cowboy /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.secretbenefits.com/

Response headers

x-cache: Miss from cloudfront
x-request-id: GEOBeLbJEWOs8vBTOcmR
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
via: 1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront)
apigw-requestid: LP1_6hFvDoEEMTg=
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: https://www.secretbenefits.com
content-length: 2
x-amz-cf-id: Xl4xL8s5TcYKb8EXqDXDhN7gjFsWw1-J1-XNC6UsLFfzM3iDov1sXw==
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/plain; charset=utf-8
vary: origin
server: Cowboy
x-amz-cf-pop: MUC50-P5

GET
H3

200

main.js Show response
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/ Frame E308
Redirect Chain

https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

8 KB
4 KB

35ms
35ms

Script
application/javascript

104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

Protocol

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d740cddedb6471f31ff03fc18d20da7307b734252e756fec2aef45ffb50558e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 9468ce195ed96e15-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
cf-ray: 9468ce191e7e6e15-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 fe
www.secretbenefits.com/api/ 0
1 KB 85ms
84ms Ping
text/html 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/api/fe

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/vanilla-675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9T70BabF5uZjgI6t
Referer: https://www.secretbenefits.com/at/

Response headers

x-request-id: a1a4b14b-9b8e-44aa-8b7c-8dd102633f21
content-encoding: br
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
status: 200 OK
sb-version: 2025_03_10_0001
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/html
vary: accept-encoding
x-runtime: 0.013567
priority: u=4,i
x-frame-options: SAMEORIGIN
cache-control: no-store
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 9468ce192e8c6e15-FRA
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 103ms
38ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PNCMZBZDY8&gtm=45je55q0h1v874716026za200&_p=1748383435497&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=804898411.1748383436&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748383435&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fat%2F&dt=Secret%20Benefits%20-%20Where%20Experienced%20%26%20Attractive%20People%20Meet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=910
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:100:0
report-to: {"group":"ascnsrsggc:100:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:100:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secretbenefits.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:100:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
273 B 372ms
121ms Image
image/gif 148.113.163.172
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=c186aa1a0614494d9fe42ffe9ff4cb35&correlationId=c47d5249-60af-4a5a-a4ab-5eb4db3bee74&application=production&x=68d5f04e-f86c-43b7-9f33-0910d525e3c2&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.113.163.172 , Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: prd-usage-5.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43
Date: Tue, 27 May 2025 22:03:56 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

POST
H3 204 rum Show response
www.secretbenefits.com/cdn-cgi/ 0
146 B 37ms
36ms XHR
text/plain 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/cdn-cgi/rum?

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.secretbenefits.com/at/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 9468ce195ed56e15-FRA
access-control-allow-origin: https://www.secretbenefits.com
date: Tue, 27 May 2025 22:03:55 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
www.secretbenefits.com/ 15 KB
4 KB 43ms
43ms Other
image/x-icon 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

dbf0c7c6d757b31d5bbc22df2b81d30c0db9c732be54d1fdeefaf2671ef1e9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/at/

Response headers

x-request-id: b36adf3a-2535-44e2-a16a-6ab02246a718
content-encoding: br
cf-cache-status: HIT
age: 3580
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 27 Jun 2025 22:03:55 GMT
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 22:03:55 GMT
content-type: image/x-icon
content-disposition: inline; filename="favicon.ico"; filename*=UTF-8''favicon.ico
x-runtime: 0.004114
last-modified: Tue, 27 May 2025 21:04:15 GMT
x-frame-options: SAMEORIGIN
priority: u=1,i
vary: Accept-Encoding
cache-control: public, max-age=2678400
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 9468ce195edb6e15-FRA
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

POST
H3 200 9468ce162a876e15 Show response
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.6754864545554577:1748380293:9xctGDjh1zIlUWEM7AihHJ6ZirNiW_o9eUbnyaLYh8Q/ Frame E308 0
579 B 43ms
36ms XHR
text/plain 104.16.117.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.6754864545554577:1748380293:9xctGDjh1zIlUWEM7AihHJ6ZirNiW_o9eUbnyaLYh8Q/9468ce162a876e15
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-ray: 9468ce19efa26e15-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Tue, 27 May 2025 22:03:55 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

10 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.bushheel.com/	1970-01-21 05:41:09	Name: 983ec302-608b-4d95-bc33-441cc0085c97-v4 Value: l6jxaKsTDXXP4iVm2QVzFKM4MRaYzbQm7LjT6RHXeYA
.go.bushheel.com/	1970-01-21 14:25:19	Name: cc-v4 Value: 9kv4G3KOHC8iFE80LEWa3ZrX1b%2Fkbmuz2P84P%2BQTFKrbar8lW4u2l1y%2FzQPHpz%2BnrMxsqAU78LsMmX9krpYLtAh2m1jvE%2FWi4JNJNn1V4HlxvOH5XLNWnhlixF24knTu2IHHXPlBkPOK9aUan2kkmQ%3D%3D
.secretbenefits.com/	1970-01-21 05:39:45	Name: __cf_bm Value: xxaoSbVf57tE2LS0yOUitub5wUHRpD_zm9ucw1oawcM-1748383435-1.0.1.1-gSghclKivJsz9K2M6uCsW0k04JexdqGv8gWBMo4HhdWN932k5GFK.Enu8gYtqbimZ_JjnYfWBJOgzeiMuRpGCm8q8dX6egSqUBW03BPCCJ0
.secretbenefits.com/	1970-01-21 15:15:43	Name: _ga_PNCMZBZDY8 Value: GS2.1.s1748383435$o1$g0$t1748383435$j60$l0$h0
.secretbenefits.com/	1970-01-21 15:15:43	Name: _ga Value: GA1.1.804898411.1748383436
.secretbenefits.com/	1970-01-21 05:39:47	Name: _visit Value: E%2Fy%2BNYO%2FPjksBdZdFk78yJBuEcO782hZFPgiolJtOCof83jFuXbV0uX7%2BjFoITa6x5s8pEiskUyuWs%2FjPStb9d64ld%2BKojc5zFYeAdKSi6Q9QciubKlw%2FS19oHo5EBR7lY0fQg%3D%3D--VpZc8uOKxixsFd02--WkmySjgO1nzvzy4aKcGPoQ%3D%3D
www.secretbenefits.com/	1970-01-21 15:15:43	Name: device Value: AkEUyEZM%2FHVNRHONuR0y4Pnoo2CG75q9z8CPzN8hAovhDUsZP8mx1NK6YIIqAXc65VSKY9PjXpmLaVS27k7WoE9MES0MoedQ0BmFZfb1K9JAKb1mefWOx%2FVZ50ixs83v5vWJHbBGESRdpbkkAd%2B9x0FV--82Di0CcF2NL54b7q--%2BTGMRC%2FaY5MGstK7ZiCGpA%3D%3D
.secretbenefits.com/	1970-01-21 05:39:47	Name: fe_visit Value: f7646604-c21c-42e8-8755-00ce468ac5fe.1748383435
.www.secretbenefits.com/	1970-01-21 05:49:48	Name: _matchmaker_session Value: VYZPJRIYlIbJ3ducCiwVEP4R3H49Hrsph4Mmn7T%2FGpMJIAyU11NWrP0qbnMyqUSOkF2MgFMalYFiv%2FMUgpkKl2f%2BSbyQHZn9a6rF30jDjSE9AQRWbqZh%2Fy6F%2B4eaG3LAQFNAigWtCpcl32AqN88L%2BgkOfQvSYcysA5xwPFKAyKWVxKHlftIsjf6Z1RhWPski6bqclEZKRPnr%2FnUSkOk7AVccTb4BMELpXaey1B1Ezy7QAEkyq2ebVIRN0AUYWp95WQ6TRIauyRHjuijCuI6bwlFocSMTHiMdCE1l0WWdqwPyNgBWXhUIRFh6D%2FPl3Bo1cw%3D%3D--k1NhipnoAdQ%2BGHjD--CP9we8Sf4KJCda%2BRMWpltw%3D%3D
.secretbenefits.com/	1970-01-21 14:25:19	Name: cf_clearance Value: 5Tdb5mpv_DBvnBbz5HhXF9_EoiBXIHc3WcFg8NXVEcM-1748383435-1.2.1.1-0XQmrQqWFwTJBCrUuf3YG1FWnpybgjerDeMpTR3SgcA826lWV4uSYMZ5.62gCQfnLV74IEwcqqzMISkL65mdVryzI_X.a62BAq0RgEEXMXMJqGyHjXEC1AaRPRxxUMrUe.VOeUWho266JK7a3FJjDzTEUuJHzuI7Aj4GqTeqavlooh8vUSF4GwrEHLLWcQ4u2ED.sgkglAXEe0tduYu26KNiOFMb6UbRIlgU4wkKHOIcKmXvwv0SkPPIShyq6sBahNBeVUPMbOGl29j7SnHqJEnWbvs0ch9rI3avmWfBZl7jZMqyUVMth3lgsj7AoCGOXdbEtdyghq5Ot6JlFUb7fTVBLxzYwAz_To4ObJW8oHU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.secretbenefits.com/at/ Message: Refused to execute script from 'https://www.secretbenefits.com/api/fs' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.secretbenefits.com
cdn.trackjs.com
fonts.googleapis.com
fonts.gstatic.com
go.bushheel.com
region1.google-analytics.com
static.cloudflareinsights.com
static.secretbenefits.com
usage.trackjs.com
www.googletagmanager.com
www.secretbenefits.com
104.16.117.42
148.113.163.172
172.217.18.3
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2600:9000:20ae:ee00:7:ffc7:5a40:93a1
2600:9000:26db:5000:9:11e9:900:93a1
2606:4700::6810:5049
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
54.230.228.76
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
1f686cb77587016533d7cddd47b54f9cfbd52344eac32b5e7f174d396a496621
237796f883b0d7e38213cee8cf1ea1d3f6f318e4c508226b111b44304c806d18
24a4b48727bbe024ff098877b392aa8a83da50e93fa413518cef713e25568ef3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506
5944fc42bbe3c16fee7eccdbf22b8a6625aed745cebbd7c24b75b00002aadcd7
61858b1e44a79e99b5856afdec7d2be81386bdf9106345e9f16ece7987829c5e
675d887f0bc30a56ee5b7827772b1f9805115a97894d9345cbdd480144a53d91
7178a12b33fd382ebf32a4ef5fc5b2d222ebde4acda7aca3d6b3ae2fdccbdbf5
719ee5dc29c5f69a7a968729fcd7b3fdf1be00f54fd978d08865f1eff01c4aa7
7432789b16ec35b16e6f50b84a70bcaa082f9433ba2d379f663056af7a797c9e
8247340122855369e502d93b27b87c12fb3280113d850a2b8b4a4e26bc2e7e9a
877ac7273d0973d1cbbe3c2b6f2fc382c423e4d5892dfc444a108a6cbe220732
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94f31eed17a534ab3deca93d382beab89ccb30aecc9d3f2f1c08453c2cb26300
b3856d85b251eca942352349093e54d2874880ec041f46a25029bf3e6f7e84ac
cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d740cddedb6471f31ff03fc18d20da7307b734252e756fec2aef45ffb50558e0
dbf0c7c6d757b31d5bbc22df2b81d30c0db9c732be54d1fdeefaf2671ef1e9d0
e0e0a84444df6de562552e0f7a59520186c37aaf34d99b75f4e7a895ef872cbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e443939201fb3bfff07cb7511d854db4ff02caf6b0c610e7ea405ea059ec09bb
f226cc511c6edd713b0e4ca8761d6f2a241f5dcd32f8acda677924b2022b272e
f3d6f2f1785ccc945a906056a7545457f59941f31763ddc6adcb8af3b611edae

www.secretbenefits.com Open in urlscan Pro 104.16.117.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

64 %IPv6

8 Domains

11 Subdomains

10 IPs

4 Countries

411 kBTransfer

1052 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secretbenefits.com Open in urlscan Pro
104.16.117.42 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

411 kB
Transfer

1052 kB
Size

10
Cookies

30 HTTP transactions
0 data transactions