urlscan.io logo urlscan.io
SecurityTrails logo

www.benaughty.com Open in urlscan Pro
23.48.224.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xleak.click/
Effective URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8...
Submission: On January 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 31 HTTP transactions. The main IP is 23.48.224.111, located in and belongs to . The main domain is www.benaughty.com.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time www.benaughty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.21.13.181 13335 (CLOUDFLAR...)
1 1 18.67.65.88 16509 (AMAZON-02)
13 23.48.224.111 ()
31 4
1    2606:4700:3033::ac43:88c6 (United States)

ASN13335 (CLOUDFLARENET, US)
xleak.click
6    2606:4700:3035::ac43:8ea3 (United States)

ASN13335 (CLOUDFLARENET, US)
matomo.x1eak.click
oezc.x1eak.click
1    2606:4700:3033::6815:2d21 (United States)

ASN13335 (CLOUDFLARENET, US)
j5.tbond.shop
2    2606:4700:3030::ac43:cc03 (United States)

ASN13335 (CLOUDFLARENET, US)
hprsncflw.life
1    104.21.13.181 (None, )

ASN13335 (CLOUDFLARENET, US)
geldpress.de
1    18.67.65.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-88.iad89.r.cloudfront.net
seekmymatch.com
13    23.48.224.111 (None, )

ASN- ()
www.benaughty.com
Apex Domain
Subdomains		 Transfer
13 benaughty.com
www.benaughty.com
203 KB
6 x1eak.click
matomo.x1eak.click
oezc.x1eak.click
25 KB
2 hprsncflw.life
hprsncflw.life — Cisco Umbrella Rank: 418375
1 KB
1 seekmymatch.com
seekmymatch.com — Cisco Umbrella Rank: 524046
1 KB
1 geldpress.de
geldpress.de — Cisco Umbrella Rank: 440394
832 B
1 tbond.shop
j5.tbond.shop
452 B
1 xleak.click
xleak.click
1 KB
31 7
Domain Requested by
13 www.benaughty.com www.benaughty.com
5 matomo.x1eak.click xleak.click
matomo.x1eak.click
2 hprsncflw.life 2 redirects
1 seekmymatch.com 1 redirects
1 geldpress.de 1 redirects
1 j5.tbond.shop 1 redirects
1 oezc.x1eak.click 1 redirects
1 xleak.click
31 8

This site contains no links.

Subject Issuer Validity Valid
benaughty.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Frame ID: 3AC78AC6DEE8C76A3B7B453254924BDE
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xleak.click/ Page URL
  2. https://oezc.x1eak.click/leak-id-Qm5XMXJiZW83TTNFZmF4dC9SczRndENNNms5MmdyU3AweEplU0lUWjZmdkR2Ly9zUjdm... HTTP 302
    https://j5.tbond.shop/kzvrx HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2= HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1704331077 HTTP 302
    https://geldpress.de/dating?extra_param_1=f93eebcc6864d43cbe28b6adff61ade4d603c167&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
    https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee32482... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

31
Requests

42 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

229 kB
Transfer

523 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xleak.click/ Page URL
  2. https://oezc.x1eak.click/leak-id-Qm5XMXJiZW83TTNFZmF4dC9SczRndENNNms5MmdyU3AweEplU0lUWjZmdkR2Ly9zUjdmZE8zd1JiTW94aXQxUQ== HTTP 302
    https://j5.tbond.shop/kzvrx HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2= HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1704331077 HTTP 302
    https://geldpress.de/dating?extra_param_1=f93eebcc6864d43cbe28b6adff61ade4d603c167&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-202401040417516ffc6caad&subid=895 HTTP 302
    https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xleak.click/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xleak.click/
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:88c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b4adfa5e22858acd35903d3f9b65f1bd0ca65bfaec6898c7c9f422b03fbbc13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83ffa4fefa9e1815-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jan 2024 01:17:54 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0SVdPiePvShlW8fkljTwCWpOkth%2FOdKDyIvxVKNSykg0BxNi7GKSQIL8zUhGykkBXi1eY9S0huELqzGzXjGh%2F%2F9RHJ3PaiZxEFrH1FYjcpD5lIBJhh7Ch3pKE5vBfhuGYNtdqtryNKD%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
piwik.js
matomo.x1eak.click/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://matomo.x1eak.click/piwik.js
Requested by
Host: xleak.click
URL: http://xleak.click/
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8ea3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
en-US,en;q=0.9
Referer
http://xleak.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:55 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sat, 08 Jul 2023 19:37:26 GMT
Server
cloudflare
ETag
W/"64a9baf6-10132"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCCMiU8tI6kB5ycWMSEMk5b9DQDVKu7fMdVSi7URKRF0sD3JijftLsIypOoGbyeX9QiLz17wYp1CMgvgrR6OFaZ8ZzA3lVqPMpYw9jqvfVvGyN1ckAdrj73Y8qzyYyUsDoH9S7nQeOQH0NgJENHj%2Byg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
83ffa500ad015e86-EWR
Expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
matomo.x1eak.click/ 		0
678 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.x1eak.click/piwik.php?action_name=&idsite=954&rec=1&r=202133&h=15&m=17&s=55&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=8fd51c8d82ad40be&_idn=1&send_image=0&_refts=1704331075&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=rDe7oh&pf_net=36&pf_srv=195&pf_tfr=1&pf_dm1=20&uadata=%7B%7D
Requested by
Host: matomo.x1eak.click
URL: http://matomo.x1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8ea3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Thu, 04 Jan 2024 01:17:55 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWD8AeVA8H9sBJWpM%2FgYbnTY4f%2BLMtGA%2BAIyKs1xT1%2Fh7Hm08RWXP5Npa6DkHP33AzKIBZaceIXg%2F03RNbC%2FuTvuORpD%2BqxwHmwmdywhsCyvOg2kurY%2BAOuDSUVvR0Lk0adSZ9UjM5yvW3E9pveFMBo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://xleak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
83ffa50338185e86-EWR
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.x1eak.click/ 		0
666 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.x1eak.click/piwik.php?action_name=&idsite=1&rec=1&r=895785&h=15&m=17&s=55&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=9fa42914d9f3a8e5&_idn=1&send_image=0&_refts=1704331075&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4Qlxvb&pf_net=36&pf_srv=195&pf_tfr=1&pf_dm1=20&uadata=%7B%7D
Requested by
Host: matomo.x1eak.click
URL: http://matomo.x1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8ea3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Thu, 04 Jan 2024 01:17:55 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FErfszanZdkoDeU5PPb4O%2B0fRk34RCt41%2BA4ZCaSSMAZJilBwLwDXNZJdXs0TW4fA7lSSYIifV9aGNX6WCgsu1EUmU8l9wFjijSgEfRYSPyt3F2cPdtOgwtPFggP7Y8S4rRbkZtFmx178g4w8lJGmY4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://xleak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
83ffa5032d3241f3-EWR
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.x1eak.click/ 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.x1eak.click/piwik.php?idgoal=1&idsite=954&rec=1&r=168606&h=15&m=17&s=55&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=8fd51c8d82ad40be&_idn=0&send_image=0&_refts=1704331075&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=rDe7oh&uadata=%7B%7D
Requested by
Host: matomo.x1eak.click
URL: http://matomo.x1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8ea3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Thu, 04 Jan 2024 01:17:55 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXbPiZLZKFOfg5x6UGivmmdn4kEh7QcaSlaT8Z0TuyI89w2urKUoQsFD%2B8L8BGEBswqyREz0CT4gKnZk8VBPXgT9UJWVWsnLouyR1pA43iBOpFVRxx%2BnpiA2Da%2BR8c91f4QA8CaZ4GkXK%2F1BWeF5O5g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://xleak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
83ffa5082eba5e86-EWR
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.x1eak.click/ 		410 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.x1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=158303&h=15&m=17&s=55&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=9fa42914d9f3a8e5&_idn=0&send_image=0&_refts=1704331075&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4Qlxvb&uadata=%7B%7D
Requested by
Host: matomo.x1eak.click
URL: http://matomo.x1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8ea3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer
http://xleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Thu, 04 Jan 2024 01:17:55 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSwTG%2Fwijc6ttiaGzJvDbY2MCXd5mv2277sSRBFs6YzOzzmFJOU%2BcJJMV%2Bzg%2FGytTJ5B9EQPbil5qHEr6H4r9sZ%2BjCQ1n81rbPi9cRHd%2Fy0fcPxCVq35%2BVX38y91sA%2BOc9yXiY4o5M7z3gKW%2FyDtN3U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://xleak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
83ffa5082c9241f3-EWR
alt-svc
h3=":443"; ma=86400
Primary Request aff.php
www.benaughty.com/
Redirect Chain
  • https://oezc.x1eak.click/leak-id-Qm5XMXJiZW83TTNFZmF4dC9SczRndENNNms5MmdyU3AweEplU0lUWjZmdkR2Ly9zUjdmZE8zd1JiTW94aXQxUQ==
  • https://j5.tbond.shop/kzvrx
  • https://hprsncflw.life/?s=157&t1=895&t2=
  • https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1704331077
  • https://geldpress.de/dating?extra_param_1=f93eebcc6864d43cbe28b6adff61ade4d603c167&sub_id_1=895
  • https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-202401040417516ffc6caad&subid=895
  • https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds...
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ab7861a3883603a6df63e21a869d3afdc904cd6371577ee3d10f6136f23c265
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xleak.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5188
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 01:17:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 04 Jan 2024 01:17:58 GMT
location
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
x-amz-cf-id
_GcTkOhEQvl26K0pJXPhw1hbtCmt2J7x5KkdLWouyjg1DNBenP86gQ==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
090d5ab330086d5d6e16eba39cd1dfa8.css
www.benaughty.com/landing/resource/id/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2007cdbfa42dc817c565d0ae7a5ab868a61dea37441d08240b22aeac5e20eb15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:58 GMT
content-encoding
br
last-modified
Sun, 24 Dec 2023 07:24:15 GMT
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1663619
alt-svc
h3=":443"; ma=93600
content-length
4854
expires
Tue, 23 Jan 2024 07:24:57 GMT
2e0f698e
www.benaughty.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/akam/13/2e0f698e
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
49784ae4eaf15337f5bfe63870f4fcc8677b057830e2c56fc419e357520fd212

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:58 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:07:24 GMT
etag
"c4eb4f3d08a326d97cbc7bb4bc17903c0a7f075b6ecc16c9875b92d2df781818"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
8796
expires
Thu, 04 Jan 2024 01:17:58 GMT
logoBeNaughtyWhite.svg
www.benaughty.com/assets/fef8e451/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benaughty.com/assets/fef8e451/logoBeNaughtyWhite.svg
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
11f58b9dc4cda3c6f8322a3d56b0dba50f646b6999fa7118787f6fde0b31fc8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Wed, 22 Nov 2023 08:18:28 GMT
etag
W/"655db954-179e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1238799
alt-svc
h3=":443"; ma=93600
content-length
2629
expires
Thu, 18 Jan 2024 09:24:37 GMT
c_f113d4f7f7c11d088d6c4c115a4ca317.js
www.benaughty.com/assets/1b3d1ccf/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/assets/1b3d1ccf/c_f113d4f7f7c11d088d6c4c115a4ca317.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b403c509cd6dad8367c89915f2d896606d142650541042614bdf551958816a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
br
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Tue, 12 Dec 2023 18:15:59 GMT
etag
W/"655db94b-a5d0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=665882
alt-svc
h3=":443"; ma=93600
content-length
9701
expires
Thu, 11 Jan 2024 18:16:00 GMT
da04512fa2cfc2e89bee1136981357a3.js
www.benaughty.com/landing/resource/id/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/resource/id/da04512fa2cfc2e89bee1136981357a3.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2cf050c84fbd06cef7a67573c2088855042468adffba6549d3ffaa937da68e5

Request headers

Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 23 Jan 2024 07:00:25 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
content-encoding
br
last-modified
Tue, 28 Nov 2023 09:38:00 GMT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1662147
alt-svc
h3=":443"; ma=93600
content-length
6443
quic-version
0x00000001
intg.js
www.benaughty.com/t/tr/lp/ 		143 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/t/tr/lp/intg.js?v=1019880347
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bced53255cbbfa7e139223440a44a10923f5c50b141fd73eff8eed1616e46aba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
strict-transport-security
max-age=63072000
content-encoding
br
date
Thu, 04 Jan 2024 01:17:58 GMT
x-amz-cf-pop
YUL62-P1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc
h3=":443"; ma=93600
content-length
94
last-modified
Thu, 04 Jan 2024 00:01:02 GMT
etag
W/"8f-18c1b22ca10"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2040
timing-allow-origin
*
x-robots-tag
noindex
x-amz-cf-id
KSxJWTgyepyKPe9PeZL1n-IBhRyyuPtNNrfoHNoT3qsRkqEGwpQlhg==
expires
Thu, 04 Jan 2024 01:51:58 GMT
bts.js
www.benaughty.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/bts.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
43bc545b1b14c25de031784cabec599ea171ea711bf841bbd12d6fb1b0fb3e0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?tds_ps=b&s3=%7Bsubid2%7D&utm_campaign=f0df3f0c&s1=ps&tds_cid=ee324825f0dde41908c9d6febe8cf6859c5564b2&tds_ao=1&_disAL=true&data2=37-708-202401040417516ffc6caad&tds_oid=12243001&dci=948f82e6531084454e875432d1e8ea64112ab8f9&tds_host=seekmymatch.com&tds_reason=direct&tds_id=b3022bel_lp_b_1636993951804_bn&dynamicpage=bn_wlp_5st_halfphoto_v2_a&tds_campaign=b3022bel&tds_ac_id=s3167bel&p_tds_cid=&utm_source=int&utm_funnel=tds&utm_content=895&tdsId=b3022bel_lp_b_1636993951804_bn&utm_ex=b&tds_path=%2Ftds%2Fae&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvNGUwOTczZjExZTQyNmY2YjE5YTBhMTc0YzhmMTY1MDk%2FX190PTE3MDQzMzEwNzgzOTAmX19sPTM2MDA%3D&utm_sub=opnfnl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 01:20:27 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 06:29:11 GMT
etag
"63159737-2185"
content-type
application/javascript
cache-control
public, max-age=149
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
2737
quic-version
0x00000001
c147fd45057a274392510ae5c636d64c.webp
www.benaughty.com/landing/resource/id/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benaughty.com/landing/resource/id/c147fd45057a274392510ae5c636d64c.webp
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d2eda26ae2de9f12b4b905d1b6e0a94eb5cd16250c764a79385598c8739de02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 15 Jan 2024 18:10:06 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Wed, 12 Jun 2019 15:26:38 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1011128
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
32326
quic-version
0x00000001
d826ddb863e4a1d00c9b797fa4c77c6c.webp
www.benaughty.com/landing/resource/id/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benaughty.com/landing/resource/id/d826ddb863e4a1d00c9b797fa4c77c6c.webp
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 07 Jan 2024 14:18:59 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Thu, 13 Jun 2019 11:17:12 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=306061
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
30278
quic-version
0x00000001
Inter-Regular.woff2
www.benaughty.com/landing/font/id/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/font/id/Inter-Regular.woff2
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 04:23:42 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Fri, 03 Jun 2022 06:07:31 GMT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=529544
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
98756
quic-version
0x00000001
Material%20Icons%20Benaughty.woff2
www.benaughty.com/landing/font/id/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/font/id/Material%20Icons%20Benaughty.woff2
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 17:03:23 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Fri, 03 Jun 2022 11:37:26 GMT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=920725
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
31896
quic-version
0x00000001
Inter-Medium.woff2
www.benaughty.com/landing/font/id/ 		96 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/font/id/Inter-Medium.woff2
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.48.224.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.benaughty.com/landing/resource/id/090d5ab330086d5d6e16eba39cd1dfa8.css
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 05:23:42 GMT
date
Thu, 04 Jan 2024 01:17:58 GMT
last-modified
Sat, 26 Aug 2023 21:48:34 GMT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=533144
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
105944
quic-version
0x00000001
copyrights
www.benaughty.com/api/v1/site/ 		0
0
index.js
www.benaughty.com/t/tr/lp/ 		0
0
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
webPushData
www.benaughty.com/landing/ 		0
0
mta
www.benaughty.com/landing/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0
tr
www.benaughty.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.benaughty.com
URL
https://www.benaughty.com/api/v1/site/copyrights
Domain
www.benaughty.com
URL
https://www.benaughty.com/t/tr/lp/index.js
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/webPushData
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/mta
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr
Domain
www.benaughty.com
URL
https://www.benaughty.com/tr

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

13 Cookies

Domain/Path Name / Value
xleak.click/ Name: _pk_ref.954.01d8
Value: %5B%22%22%2C%22%22%2C1704331075%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
xleak.click/ Name: _pk_id.954.01d8
Value: 8fd51c8d82ad40be.1704331075.
xleak.click/ Name: _pk_ses.954.01d8
Value: 1
xleak.click/ Name: _pk_ref.1.01d8
Value: %5B%22%22%2C%22%22%2C1704331075%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
xleak.click/ Name: _pk_id.1.01d8
Value: 9fa42914d9f3a8e5.1704331075.
xleak.click/ Name: _pk_ses.1.01d8
Value: 1
.hprsncflw.life/ Name: 4696ff61c1b0da7e26957484673b8177
Value: 1
.hprsncflw.life/ Name: da76aa624ae18a29ca405e7c673ff047
Value: 1
.hprsncflw.life/ Name: ae1f964c26c81c1c64f5560b164c0d12
Value: f93eebcc6864d43cbe28b6adff61ade4d603c167
.geldpress.de/ Name: fed5c602
Value: 708
.geldpress.de/ Name: f0ffe
Value: %7B%22streams%22%3A%7B%22708%22%3A1704331071%7D%2C%22campaigns%22%3A%7B%2237%22%3A1704331071%7D%2C%22time%22%3A1704331071%7D
.seekmymatch.com/ Name: dci
Value: 948f82e6531084454e875432d1e8ea64112ab8f9
seekmymatch.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42

1 Console Messages

Source Level URL
Text
network error URL: http://matomo.x1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=158303&h=15&m=17&s=55&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=9fa42914d9f3a8e5&_idn=0&send_image=0&_refts=1704331075&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=4Qlxvb&uadata=%7B%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)