www.secretbenefits.com Open in urlscan Pro
104.16.118.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
Effective URL:
https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&ut...
Submission: On September 24 via api (September 24th 2024, 10:41:45 am UTC) from AU — Scanned from AU

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 33 HTTP transactions. The main IP is 104.16.118.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.secretbenefits.com. The Cisco Umbrella rank of the primary domain is 309200.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2024. Valid for: 10 months.

This is the only time www.secretbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	23.21.212.132 23.21.212.132	14618 (AMAZON-AES) (AMAZON-AES)
1 18	104.16.118.42 104.16.118.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.180.114.1 103.180.114.1	200325 (BUNNYCDN) (BUNNYCDN)
3	142.250.66.200 142.250.66.200	15169 (GOOGLE) (GOOGLE)
2	52.51.4.103 52.51.4.103	16509 (AMAZON-02) (AMAZON-02)
2	142.251.221.74 142.251.221.74	15169 (GOOGLE) (GOOGLE)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.76.99 142.250.76.99	15169 (GOOGLE) (GOOGLE)
5	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
1	148.113.163.217 148.113.163.217	16276 (OVH) (OVH)
33	9

2 23.21.212.132 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-212-132.compute-1.amazonaws.com

go.bushheel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.118.42 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
system.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.66.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.4.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-4-103.eu-west-1.compute.amazonaws.com

api.secretbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.74 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.76.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.163.217 (Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-4.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	secretbenefits.com 1 redirects www.secretbenefits.com — Cisco Umbrella Rank: 309200 api.secretbenefits.com — Cisco Umbrella Rank: 387058 system.secretbenefits.com — Cisco Umbrella Rank: 952606 static.secretbenefits.com — Cisco Umbrella Rank: 569241	565 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	262 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
2	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 18428 usage.trackjs.com — Cisco Umbrella Rank: 2892	11 KB
2	bushheel.com 2 redirects go.bushheel.com	2 KB
1	gstatic.com fonts.gstatic.com	43 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 685	7 KB
33	8

	Domain	Requested by
13	www.secretbenefits.com	1 redirects www.secretbenefits.com cdn.trackjs.com
5	www.google-analytics.com	cdn.trackjs.com www.googletagmanager.com
4	static.secretbenefits.com	www.secretbenefits.com
3	www.googletagmanager.com	www.secretbenefits.com www.googletagmanager.com
2	fonts.googleapis.com	www.secretbenefits.com
2	api.secretbenefits.com	www.secretbenefits.com cdn.trackjs.com
2	go.bushheel.com	2 redirects
1	usage.trackjs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	www.secretbenefits.com
1	system.secretbenefits.com	www.secretbenefits.com
1	cdn.trackjs.com	www.secretbenefits.com
33	12

This site contains links to these domains. Also see Links.

Domain
go.bushheel.com

Subject Issuer	Validity	Valid
secretbenefits.com Cloudflare Inc ECC CA-3	`2024-03-10` - `2024-12-31`	10 months	crt.sh
cdn.trackjs.com R11	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.trackjs.com RapidSSL TLS RSA CA G1	`2024-08-05` - `2025-08-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Frame ID: 37AB96570590495820CF835C703EAB7E
Requests: 31 HTTP requests in this frame

Frame: https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 87388079752483A48966B0F11DDC604F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Leading Sugar Daddy Dating Site & App | Secret Benefits

Page URL History Show full URLs

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Pop... HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Pop... HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=P... HTTP 302
https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m... Page URL

Detected technologies

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

33
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

9
IPs

5
Countries

910 kB
Transfer

2124 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.bushheel.com/click
Title: Free Signup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 307
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean HTTP 302
https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request not%20escorts Show response
www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/
Redirect Chain

http://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://go.bushheel.com/983ec302-608b-4d95-bc33-441cc0085c97/2?utm_source=SecretHostess&utm_medium=Popunder&utm_campaign=Dean
https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8...

10 KB
6 KB

433ms
415ms

Document
text/html

104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

4d50aae2dfd50fe440c64edd416905cddd1ba9c2a2abf6e1ec089ab1511f015b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8c8229bd7d0f5726-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 10:41:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
link: <https://www.secretbenefits.com/assets/landings/montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/marketing.default-844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475.css>; rel=preload; as=style; nopush,<https://www.secretbenefits.com/assets/bridge-1781ffcc5777d62f58c77837d20db3ed77a0e74def08b377d7e26c84e52a1abb.js>; rel=preload; as=script; nopush,<https://www.secretbenefits.com/assets/public-9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf.js>; rel=preload; as=script; nopush,<https://www.secretbenefits.com/assets/validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js>; rel=preload; as=script; nopush
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
sb-version: 2024_08_01_0001
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R)
x-request-id: d6cc51a3-b47f-4ba3-843f-fb89e25cf930
x-runtime: 0.030647
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Tue, 24 Sep 2024 10:41:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
pragma: no-cache
server: nginx

GET
H3 200 montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css
www.secretbenefits.com/assets/landings/ 2 KB
697 B 29ms
29ms Stylesheet
text/css 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/landings/montreal-6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 319749
cf-ray: 8c8229c028895726-SYD
expires: Wed, 24 Sep 2025 10:41:37 GMT
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: text/css
last-modified: Mon, 05 Dec 2022 14:51:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 marketing.default-844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475.css
www.secretbenefits.com/assets/ 183 KB
28 KB 37ms
36ms Stylesheet
text/css 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/marketing.default-844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 296756
cf-ray: 8c8229c0288e5726-SYD
expires: Wed, 24 Sep 2025 10:41:37 GMT
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: text/css
last-modified: Wed, 07 Aug 2024 10:13:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bridge-1781ffcc5777d62f58c77837d20db3ed77a0e74def08b377d7e26c84e52a1abb.js Show response
www.secretbenefits.com/assets/ 4 KB
2 KB 30ms
30ms Script
application/javascript 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/bridge-1781ffcc5777d62f58c77837d20db3ed77a0e74def08b377d7e26c84e52a1abb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1781ffcc5777d62f58c77837d20db3ed77a0e74def08b377d7e26c84e52a1abb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 16300415
cf-ray: 8c8229c028925726-SYD
expires: Wed, 24 Sep 2025 10:41:37 GMT
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: application/javascript
last-modified: Thu, 18 Jan 2024 10:04:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 public-9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf.js Show response
www.secretbenefits.com/assets/ 644 KB
209 KB 60ms
60ms Script
application/javascript 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/public-9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 10803008
cf-ray: 8c8229c028965726-SYD
expires: Wed, 24 Sep 2025 10:41:37 GMT
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: application/javascript
last-modified: Wed, 22 May 2024 09:49:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js Show response
www.secretbenefits.com/assets/ 27 KB
6 KB 37ms
37ms Script
application/javascript 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/assets/validators-711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 16684373
cf-ray: 8c8229c028975726-SYD
expires: Wed, 24 Sep 2025 10:41:37 GMT
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2023 09:19:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
10 KB 320ms
3ms Script
application/javascript 103.180.114.1
BUNNYCDN

General

Check archive.org

Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SYD1-1151 /
Resource Hash: 3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "f62a120cfe36e652de667aaed72b7815"
date: Tue, 24 Sep 2024 10:41:37 GMT
last-modified: Wed, 06 Dec 2023 15:35:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-amz-id-2: eMzPCbyuhMMS7nh4Few14wzM2JjURsCww72WwNnHK3auzT+UT93gVzRChk2EBSZcBHHytFHgVU4=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
x-amz-meta-content-type: application/javascript
cache-control: public, max-age=604800, s-max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-requestpullcode: 200
cdn-uid: cd4e6a4c-6811-495a-bea9-94fbb4c46859
cdn-requestid: 159213f5daf8aacbf852b47e0dd8fc70
cdn-pullzone: 1606702
cdn-proxyver: 1.04
x-amz-request-id: 30SBBJQK9YNX1RCP
access-control-allow-origin: *
cdn-cachedat: 09/24/2024 09:45:11
cdn-edgestorageid: 1151
server: BunnyCDN-SYD1-1151
cdn-requestcountrycode: AU
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
90 KB 523ms
114ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8036d8d612f7ece1a1f93e9081ca984d4a6ed4039cc0aabb75ce50386aa0ed98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 10:41:38 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91380
date: Tue, 24 Sep 2024 10:41:38 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 script.js Show response
api.secretbenefits.com/js/ 1 KB
2 KB 858ms
267ms Script
application/javascript 52.51.4.103
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://api.secretbenefits.com/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.4.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-4-103.eu-west-1.compute.amazonaws.com

Software

nginx/1.23.3 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
apigw-requestid: emyXch20joEEJEQ=
content-length: 1346
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: application/javascript
server: nginx/1.23.3

GET
H3 204 fs Show response
www.secretbenefits.com/api/ 0
1 KB 344ms
341ms Script
text/plain 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/api/fs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

x-request-id: a857adf0-50a2-4bc1-8f4a-04544563251c
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
status: 204 No Content
sb-version: 2024_08_01_0001
date: Tue, 24 Sep 2024 10:41:38 GMT
x-runtime: 0.007636
x-frame-options: SAMEORIGIN
cache-control: no-store
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8c8229c37c945726-SYD
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

GET
H3 200 fe19504388b916cad7a6bf74a559b071.png
system.secretbenefits.com/7acfe789de942a04e30df67bac277aaf/ 210 KB
210 KB 147ms
115ms Image
binary/octet-stream 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://system.secretbenefits.com/7acfe789de942a04e30df67bac277aaf/fe19504388b916cad7a6bf74a559b071.png
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf48bf8cd0976c7dc5055a3d717fbbc3640bbc03c1c4628eb86fbfc3deafbba0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cf-cache-status: REVALIDATED
etag: "b7c00884bf1e5da693cbf309f091a961"
expires: Fri, 25 Oct 2024 10:41:37 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: PI7QHAYDk61bHTVFLfAHED_msjgmTXBZWR8mpy3CTl-FiqiDldFuVw==
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: binary/octet-stream
last-modified: Thu, 15 Feb 2024 19:28:02 GMT
vary: Origin, Accept-Encoding
cache-control: public, max-age=2678400
via: 1.1 8ee0243620c5135e40ce855b7f554cea.cloudfront.net (CloudFront)
cf-ray: 8c8229c3acd95726-SYD
accept-ranges: bytes
content-length: 214565
x-amz-cf-pop: MEL52-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
935 B 518ms
111ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

781fe5e9586ac41762c5bb901c256b181d1000b65230972df7d356d3764a4ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 10:41:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 24 Sep 2024 10:39:49 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 509ms
103ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 10:41:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 24 Sep 2024 10:41:37 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 SB-IconFont.woff2
static.secretbenefits.com/fonts/ 14 KB
14 KB 362ms
27ms Font
font/woff2 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.secretbenefits.com/fonts/SB-IconFont.woff2
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719ee5dc29c5f69a7a968729fcd7b3fdf1be00f54fd978d08865f1eff01c4aa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

access-control-expose-headers: *
cf-cache-status: HIT
x-amz-version-id: null
etag: "514326055f8df0944c5f40c522e21919"
age: 287
x-cache: Hit from cloudfront
x-amz-cf-id: Zy_NJr-MmZZQ3iXyZNqcbkr3kzefzmfAiq3j86B1pFpo5xd1MPEqJw==
date: Tue, 24 Sep 2024 10:41:37 GMT
content-type: font/woff2
last-modified: Tue, 23 Jul 2024 09:08:51 GMT
vary: Accept-Encoding
via: 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront)
cf-ray: 8c8229c23ecaa864-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13892
x-amz-cf-pop: SYD62-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 phone@2x.webp
static.secretbenefits.com/themes/default/homepage-v2/hero/ 71 KB
71 KB 352ms
40ms Image
binary/octet-stream 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/homepage-v2/hero/phone@2x.webp
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd19595c0ffa7f0e00c7710d6730458dfe77bee4968559dc8e619355f77a4f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cf-cache-status: HIT
etag: "2c2994c132a3826db2907a7943993b0e"
x-amz-version-id: null
age: 287
x-cache: Hit from cloudfront
x-amz-cf-id: yiIa4T-CiRVBZStZlOzGyMWEul0zqeZpnntFksUtlqgwi3SkqqqfcA==
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: binary/octet-stream
last-modified: Tue, 20 Aug 2024 12:40:11 GMT
vary: Accept-Encoding, Origin
via: 1.1 9ce11977697b826548974c991c092622.cloudfront.net (CloudFront)
cf-ray: 8c8229c56ee3a814-SYD
accept-ranges: bytes
content-length: 72492
x-amz-cf-pop: SYD62-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 logo-full.svg
static.secretbenefits.com/themes/default/ 4 KB
2 KB 338ms
26ms Image
image/svg+xml 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/logo-full.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f31eed17a534ab3deca93d382beab89ccb30aecc9d3f2f1c08453c2cb26300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"c51b51602a1a74e6b12df71eb51cb3da"
age: 5749
x-cache: Hit from cloudfront
x-amz-cf-id: WylPmf5cUe-0ePuAirjSvi3C2_V-Ie0S03PtCpUski-nGgEehpwFig==
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: image/svg+xml
last-modified: Wed, 08 May 2024 08:36:35 GMT
vary: Accept-Encoding, Origin
via: 1.1 3fb6aad2d0d4eb57ef667ceeeeca901a.cloudfront.net (CloudFront)
cf-ray: 8c8229c56ee6a814-SYD
x-amz-cf-pop: SYD62-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 384ms
35ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://www.secretbenefits.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8c8229c5af3979ce-SYD
access-control-allow-origin: *
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo-white.svg
static.secretbenefits.com/themes/default/ 4 KB
2 KB 273ms
32ms Image
image/svg+xml 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.secretbenefits.com/themes/default/logo-white.svg
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/marketing.default-844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7780831ffa9962c47c5a50b51e548eb06b24cc191a37ec261c82c359f62f5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"8626716976e9c6ab86f08273dc81e483"
age: 606
x-cache: Miss from cloudfront
x-amz-cf-id: XVGliJrmxdj1Ma1yKl7rrzltHjTKfe1JQYDNTSUAnRwyQr15S6moYw==
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: image/svg+xml
last-modified: Mon, 05 Aug 2024 10:00:34 GMT
vary: Accept-Encoding, Origin
via: 1.1 18107492af2e5997b40c548850ba50be.cloudfront.net (CloudFront)
cf-ray: 8c8229c56ee0a814-SYD
x-amz-cf-pop: MEL50-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 NaOkcZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JcoVt_c6X1HvwJZVPEHzgCEJvQGxsTftDdFHTjLI7UscR7Ia1XKeBFnA9CgYu4oYDZDnFJjU12xfOVjfcIDYdD5lf9dHnhvlKLUdD4AoCXMkIFXCRLVhgiWA.woff2
fonts.gstatic.com/s/robotoflex/v26/ 43 KB
43 KB 119ms
17ms Font
font/woff2 142.250.76.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v26/NaOkcZLOBv5T3oB7Cb4i0xG2bABEwTZXc7yZsWIEzvBfH8JcoVt_c6X1HvwJZVPEHzgCEJvQGxsTftDdFHTjLI7UscR7Ia1XKeBFnA9CgYu4oYDZDnFJjU12xfOVjfcIDYdD5lf9dHnhvlKLUdD4AoCXMkIFXCRLVhgiWA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:wght,XTRA,YTAS,YTDE,YTFI@300,480,720,-210,740;400,480,720,-210,740;500,480,720,-210,740;700,480,720,-210,740&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f3.1e100.net

Software

sffe /

Resource Hash

b9c77e53e5b280f2a74f64e94ffbc1e56c99f2aed727ad617781190836a144a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.secretbenefits.com
Referer: https://fonts.googleapis.com/

Response headers

age: 269843
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 07:44:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 07:44:15 GMT
last-modified: Wed, 28 Feb 2024 18:00:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44280
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 503ms
101ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PNCMZBZDY8&gtm=45je49j0v874716026za200&_p=1727174497630&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1303832337.1727174499&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727174498&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fmon_d_148_c%2Fsh_m_i%2Fnot%20escorts%3Futm_campaign%3Dsh_m_i%26utm_source%3Dsh_m_i%26utm_medium%3Dpop%26utm_term%3Dnot%2520escorts%26utm_content%3Dpop%26domain%3Dgo.bushheel.com%26cep%3DwXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1%26lptoken%3D176e27a0174e622f9648&dt=The%20Leading%20Sugar%20Daddy%20Dating%20Site%20%26%20App%20%7C%20Secret%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2531
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secretbenefits.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 164ms
163ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNCMZBZDY8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

21120121e66ee4dd58ec06d4b6f6ce451a37612561dc3abfc37b0301e176a01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 10:41:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 77689
x-xss-protection: 0
server: Google Tag Manager

POST
H2 202 event Show response
api.secretbenefits.com/api/ 2 B
277 B 799ms
271ms XHR
text/plain 52.51.4.103
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.secretbenefits.com/api/event
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.4.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-4-103.eu-west-1.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.secretbenefits.com/

Response headers

x-request-id: F_goDmK8hGavLNPGg4FC
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
apigw-requestid: emyXkg0TDoEEJJg=
access-control-allow-origin: https://www.secretbenefits.com
content-length: 2
date: Tue, 24 Sep 2024 10:41:39 GMT
content-type: text/plain; charset=utf-8
vary: origin
server: nginx/1.23.3

POST
H3 200 fe
www.secretbenefits.com/api/ 0
1 KB 380ms
379ms Ping
text/html 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/api/fe

Requested by

Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/assets/public-9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxsqaqOZK1ICgQdEZ
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

x-request-id: b8cc091b-45d7-44e7-b182-650e66f1651d
content-encoding: br
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
status: 200 OK
sb-version: 2024_08_01_0001
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Sep 2024 10:41:39 GMT
content-type: text/html
x-runtime: 0.009821
x-frame-options: SAMEORIGIN
cache-control: no-store
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8c8229c8db4c5726-SYD
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

GET
H3

200

main.js Show response
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 8738
Redirect Chain

https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

26ms
25ms

Script
application/javascript

104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Protocol

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e81ab5957065c1012e485d0dc6c21347997e8f4b9087473b90c3f9917bf991c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8c8229c90b8d5726-SYD
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
cf-ray: 8c8229c8db4d5726-SYD
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Sep 2024 10:41:38 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8c8229bd7d0f5726 Show response
www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8738 0
633 B 26ms
22ms XHR
text/plain 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.secretbenefits.com/cdn-cgi/challenge-platform/h/g/jsd/r/8c8229bd7d0f5726
Requested by: Host: www.secretbenefits.com
URL: https://www.secretbenefits.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8c8229c99c4a5726-SYD
content-length: 0
date: Tue, 24 Sep 2024 10:41:38 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
97 KB 120ms
120ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G28DQ6FYF9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a222904714365ad33ba38c6f5be98e2005cfca198825e4905e7535a4676197ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Tue, 24 Sep 2024 10:41:38 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98914
date: Tue, 24 Sep 2024 10:41:38 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 97ms
4ms Script
text/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-489364-37&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 4723
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 11:22:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Tue, 24 Sep 2024 09:22:55 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 100ms
98ms XHR
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2041969564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fmon_d_148_c%2Fsh_m_i%2Fnot%2520escorts%3Futm_campaign%3Dsh_m_i%26utm_source%3Dsh_m_i%26utm_medium%3Dpop%26utm_term%3Dnot%2520escorts%26utm_content%3Dpop%26domain%3Dgo.bushheel.com%26cep%3DwXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1%26lptoken%3D176e27a0174e622f9648&ul=en-au&de=UTF-8&dt=The%20Leading%20Sugar%20Daddy%20Dating%20Site%20%26%20App%20%7C%20Secret%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2051792501&gjid=1713576907&cid=1303832337.1727174499&tid=UA-489364-37&_gid=896745935.1727174499&_r=1&gtm=457e49j0za200zb874716026&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1710331622

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.secretbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secretbenefits.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Tue, 24 Sep 2024 10:41:39 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 101ms
100ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G28DQ6FYF9&gtm=45je49j0v9137925926za200&_p=1727174497630&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1303832337.1727174499&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727174499&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fmon_d_148_c%2Fsh_m_i%2Fnot%20escorts%3Futm_campaign%3Dsh_m_i%26utm_source%3Dsh_m_i%26utm_medium%3Dpop%26utm_term%3Dnot%2520escorts%26utm_content%3Dpop%26domain%3Dgo.bushheel.com%26cep%3DwXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1%26lptoken%3D176e27a0174e622f9648&dt=The%20Leading%20Sugar%20Daddy%20Dating%20Site%20%26%20App%20%7C%20Secret%20Benefits&en=page_view&_fv=1&_ss=1&tfd=3222
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secretbenefits.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 10:41:39 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
273 B 594ms
197ms Image
image/gif 148.113.163.217
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=c186aa1a0614494d9fe42ffe9ff4cb35&correlationId=2c8caf68-afab-441b-ba88-570a2a14dd2d&application=production&x=46abdf85-a978-4fd7-b70e-b8cd5410e7c3&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.113.163.217 , Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-4.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43
Date: Tue, 24 Sep 2024 10:41:39 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

POST
H3 204 rum Show response
www.secretbenefits.com/cdn-cgi/ 0
146 B 17ms
17ms XHR
text/plain 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/cdn-cgi/rum?

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8c8229cc48645726-SYD
access-control-allow-origin: https://www.secretbenefits.com
date: Tue, 24 Sep 2024 10:41:39 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
www.secretbenefits.com/ 34 KB
5 KB 28ms
28ms Other
image/x-icon 104.16.118.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.secretbenefits.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

ce0e2e52f2bbef6eaa6cda2f29d82eb022cb4eab25c5798f11d37cde7743ed31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648

Response headers

x-request-id: a7223a83-6684-445e-8909-3d4343e1afa8
content-encoding: br
cf-cache-status: HIT
age: 1123
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 10:41:39 GMT
status: 200 OK
date: Tue, 24 Sep 2024 10:41:39 GMT
content-type: image/x-icon
content-disposition: inline; filename="favicon.ico"; filename*=UTF-8''favicon.ico
x-runtime: 0.004261
last-modified: Tue, 24 Sep 2024 10:22:56 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=2678400
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8c8229cc48665726-SYD
x-xss-protection: 1; mode=block
x-powered-by: Phusion Passenger(R)
server: cloudflare

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 102ms
102ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PNCMZBZDY8&gtm=45je49j0v874716026za200&_p=1727174497630&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1303832337.1727174499&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1727174498&sct=1&seg=0&dl=https%3A%2F%2Fwww.secretbenefits.com%2Fwelcome%2Fmon_d_148_c%2Fsh_m_i%2Fnot%20escorts%3Futm_campaign%3Dsh_m_i%26utm_source%3Dsh_m_i%26utm_medium%3Dpop%26utm_term%3Dnot%2520escorts%26utm_content%3Dpop%26domain%3Dgo.bushheel.com%26cep%3DwXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1%26lptoken%3D176e27a0174e622f9648&dt=The%20Leading%20Sugar%20Daddy%20Dating%20Site%20%26%20App%20%7C%20Secret%20Benefits&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7540
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.secretbenefits.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.secretbenefits.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 24 Sep 2024 10:41:43 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.bushheel.com/	1970-01-20 23:47:40	Name: 983ec302-608b-4d95-bc33-441cc0085c97-v4 Value: wWECLNR3ShLKBQJpOw7YBUo4lPQRRePykchtrg0OaqE
.go.bushheel.com/	1970-01-20 23:47:40	Name: cep-v4 Value: 0q-QONpOVbmxyOAwIqTqVmat2sx__4uUagNghp1CHx58vbaB2a4dEDTi7N5GM6s1D4EZQ_vKKsvObwdqin-lKb7YlloMeDlVHQ8OJqz0d8LZUoFYJFravrYFfyiMAE7Aea9rVCTra1NDS-olydhiSlns2HzIs6PWCIkS8ylTcA5GkwvQf1CqMu_dvJddslOuVF3n-KCCuxSRn-4MveAXNvDLPcq_LHQsLpGHrIivF6YLFHEO8uqaWy0UUQqB8xJnl10MR6TwXFH_DovzzYZwe35eU_VGxVn0CSR_IrtQVnZY0yVR5rXb49SVNGwj37LWa8qyGDz9onegNJ4snJGt68KX_Ylq4eLXl2Pn_1OAEMTdx0XwEC6EQq3WsxBAr_ug
.secretbenefits.com/	1970-01-20 23:46:16	Name: __cf_bm Value: h.cdx.ssPkiplcgbk0ZcjstnPwZg7PZteSVjP61Qczs-1727174497-1.0.1.1-FnTHb71LpgcO4P6tlPpudtHQYWJHFxBCOWryR7LGuETKU56EPrUQPV6IikdhI4BL_ZvHNb8XcQjfIiKwrJW1RQ
.secretbenefits.com/	1970-01-21 09:22:14	Name: _ga_PNCMZBZDY8 Value: GS1.1.1727174498.1.0.1727174498.0.0.0
.secretbenefits.com/	1970-01-21 08:31:50	Name: cf_clearance Value: Uj0OVeOA3zWEe.7irBbdqU9CUds8bDf1Bl8f1p6LHsk-1727174498-1.2.1.1-yevAWHshKfg3VhmEitBtQIln02j_9g2r3.vfPVyLblJVtkGHPxt07JCzRS3ffhSNyAx8mMjKtSF89vGcns.YvAV1MxFVhhOntL.CGvOvJRyuiJ7VRGZ1_NRZBYHPDd9ht2Zx.v5LYE390TgZvTw83vlreyJSSI8_mQrJ5qnwhhLQ2xQOA3OTzZMKbuSH0BKqrYrZwwyGgyxroEtpLrVs8f5rnqnNIhZQY5AKXhqqYJzI5l9hSYa.fiIkafai8eclPb5fr5KDMb5BSQJcuLkmny8JCbqNlguOHlgEX8liJJAI_CGydeUzdqQa3_F7bCUwawn70Vg0yv8F5V9hCH6s38vzsfLHJnkMxSjlg4mqYrLsvyqxYX1axKCBW58mujKP
.secretbenefits.com/	1970-01-20 23:47:40	Name: _gid Value: GA1.2.896745935.1727174499
.secretbenefits.com/	1970-01-20 23:46:14	Name: _gat_gtag_UA_489364_37 Value: 1
www.secretbenefits.com/	1969-12-31 23:59:59	Name: ahoy_visit Value: tI%2FnvRfulE45yFfhe7HXHf%2F8HL96982fq5Qxu2DDR1EB7yN5091cFttjuAnN6Uw1%2BJ%2ByYDxgO%2BcvjLwoFLCLUW8AYEas0Nn3okT6iTmR--PBXY0T%2FlS%2BuxkNTc--a4ymVJi2ShXF3Bfk4%2B36SA%3D%3D
www.secretbenefits.com/	1970-01-21 09:22:14	Name: device Value: u9L6IKkzATWE47CeZQv50Pl7Zm53rykq%2BgotT1LDAOKRXau5TJ9D787W2mGbcdzFJR00Uhs4MkI6tbf3PVaCOe9H431afTgeT2YIelZM4ohIyPUOr26uuwGYLUrcTyKYMzpluaK3lkWgXq1MHOd4u8a9--OheB9fRH5Kpcr1Le--%2BhrdY%2FAM2UAAdYhzQG5ijg%3D%3D
www.secretbenefits.com/	1970-01-20 23:46:18	Name: fe_visit Value: 41d69abc-04c6-42ff-92e6-fdf1b6fbf63a.1727174498
.www.secretbenefits.com/	1970-01-20 23:56:19	Name: _matchmaker_session Value: Yok8krstCAGp%2FeqOZZN%2FTheHEJX8vl%2FaYRPDSiHLF6UALTv7XFd9qHUo2oP6nj89KizCSGTx0GiVInfidLj3sjppDm7LySg8vdOTN9edcF4z4svjEoGDeKK5l4oFGSSrFCqNUnxbM7oeS%2F0ez1d9%2BELWXIu8hVVJH47k6CYrVrxpYSpZli0cn%2B5TvA8bj8n4OrbzleVsaMw2H4xNMzgVInB1rJDvXBi5gUWjkfLZ%2BoTRW%2BK8DnMemOqwpFm6pS5Gfi3C0j8JFKpfkn2s6f28KP3pLGMr2TwgKpgbkFck%2BOmbIG4cHRR5iL1bG%2BYoA6eHKHtWKOcxyjU5seiIdSce24NejAFtNcSHBcU%2FsZK%2FcJPdoU64TW2n%2B%2FBguzw4I9LBDaUvKr%2BVvCTjKOWee%2BLsBVUwTaC8Pweb3w%3D%3D--X%2FrqhaJ%2FY03Z43sN--N8EyDl96NmjSHbzp4LYCAA%3D%3D
.secretbenefits.com/	1970-01-21 09:22:14	Name: _ga_G28DQ6FYF9 Value: GS1.1.1727174499.1.0.1727174499.0.0.0
.secretbenefits.com/	1970-01-21 09:22:14	Name: _ga Value: GA1.1.1303832337.1727174499

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648 Message: Refused to execute script from 'https://www.secretbenefits.com/api/fs' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
javascript	warning	URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648 Message: The resource https://static.secretbenefits.com/themes/default/logo-full.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.secretbenefits.com/welcome/mon_d_148_c/sh_m_i/not%20escorts?utm_campaign=sh_m_i&utm_source=sh_m_i&utm_medium=pop&utm_term=not%20escorts&utm_content=pop&domain=go.bushheel.com&cep=wXhGD8wMqyDC3HMx3V1n4SNUmySZTpT3KBHGvTNoUhkYPfgqivj53e5OYi7WeZq2mkJlvpTFqZAY6lMdFQyNt1_0ti6kwdmUBfSTASfT_Pch6XPu6vXEP9tG8tbNfvI1kEEZa5fz4TEM9J--w5S4kH2KGEgngC_QSRDv2pWlIv3o90iZoQ9m_Y_hBVwTepz9EvjGvTCbj43ktf3OPEx3POjmULBotse3M3_yiIylRXWQ160AWmAr_Us55_yBI-J1rEO2HuUO3hFO6nwZihp9IW2O6UytVVbY7-KgAFgC0tszJ7T6inlNmC1Dwyuk9NECpTDYufBz4JxkhgQQQfGXhQ5LSsI0tHil7OXyMhsmwNBT5wUMJo6YeFq-335QOW-1&lptoken=176e27a0174e622f9648 Message: The resource https://static.secretbenefits.com/themes/default/homepage-v2/hero/phone@2x.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.secretbenefits.com
cdn.trackjs.com
fonts.googleapis.com
fonts.gstatic.com
go.bushheel.com
static.cloudflareinsights.com
static.secretbenefits.com
system.secretbenefits.com
usage.trackjs.com
www.google-analytics.com
www.googletagmanager.com
www.secretbenefits.com
103.180.114.1
104.16.118.42
104.16.80.73
142.250.66.200
142.250.76.99
142.251.221.74
142.251.221.78
148.113.163.217
23.21.212.132
52.51.4.103
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
1781ffcc5777d62f58c77837d20db3ed77a0e74def08b377d7e26c84e52a1abb
1dd19595c0ffa7f0e00c7710d6730458dfe77bee4968559dc8e619355f77a4f4
21120121e66ee4dd58ec06d4b6f6ce451a37612561dc3abfc37b0301e176a01f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e81ab5957065c1012e485d0dc6c21347997e8f4b9087473b90c3f9917bf991c
3169a71c8da47b07411a0edd846dde35975f54102b8b75c3b4563194e84ff506
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4d50aae2dfd50fe440c64edd416905cddd1ba9c2a2abf6e1ec089ab1511f015b
6ab06b0afd3d79d8d9d94ae0cd470e62100a37ec3fc2f4dfdd2f59c397ac4354
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711c9cdcf96b53e24af77e5250ea109e47802cf5f5b8cf350e1161767f3abf9e
719ee5dc29c5f69a7a968729fcd7b3fdf1be00f54fd978d08865f1eff01c4aa7
781fe5e9586ac41762c5bb901c256b181d1000b65230972df7d356d3764a4ea9
8036d8d612f7ece1a1f93e9081ca984d4a6ed4039cc0aabb75ce50386aa0ed98
844671dc0c260e91c81aa6b4cc96a900a95e9b6039a104064138ffcaf85cc475
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94f31eed17a534ab3deca93d382beab89ccb30aecc9d3f2f1c08453c2cb26300
9a9d8f3e2c77897dcfc16a543a0853b9201ae79e886d306b551aac2007a344cf
a222904714365ad33ba38c6f5be98e2005cfca198825e4905e7535a4676197ab
b9c77e53e5b280f2a74f64e94ffbc1e56c99f2aed727ad617781190836a144a4
bf48bf8cd0976c7dc5055a3d717fbbc3640bbc03c1c4628eb86fbfc3deafbba0
cd7780831ffa9962c47c5a50b51e548eb06b24cc191a37ec261c82c359f62f5b
ce0e2e52f2bbef6eaa6cda2f29d82eb022cb4eab25c5798f11d37cde7743ed31
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.secretbenefits.com Open in urlscan Pro 104.16.118.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

9 IPs

5 Countries

910 kBTransfer

2124 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secretbenefits.com Open in urlscan Pro
104.16.118.42 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

9
IPs

5
Countries

910 kB
Transfer

2124 kB
Size

13
Cookies

33 HTTP transactions
0 data transactions