urlscan.io logo urlscan.io
SecurityTrails logo

www.benaughty.com Open in urlscan Pro
23.73.207.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jleak.click/kingadiontis-leaked
Effective URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NG...
Submission: On June 11 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 23.73.207.174, located in and belongs to . The main domain is www.benaughty.com.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time www.benaughty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.58.215 13335 (CLOUDFLAR...)
1 6 104.21.65.205 13335 (CLOUDFLAR...)
1 1 104.21.45.33 13335 (CLOUDFLAR...)
2 2 104.21.14.31 13335 (CLOUDFLAR...)
1 1 104.21.11.142 13335 (CLOUDFLAR...)
1 1 18.67.65.129 16509 (AMAZON-02)
8 23.73.207.174 ()
24 4
2    104.21.58.215 (None, )

ASN13335 (CLOUDFLARENET, US)
jleak.click
6    104.21.65.205 (None, )

ASN13335 (CLOUDFLARENET, US)
matomo.j1eak.click
nwhp.j1eak.click
1    104.21.45.33 (None, )

ASN13335 (CLOUDFLARENET, US)
da.tbond.shop
2    104.21.14.31 (None, )

ASN13335 (CLOUDFLARENET, US)
sotpprdjanssnow.life
1    104.21.11.142 (None, )

ASN13335 (CLOUDFLARENET, US)
pelikan-hauskrankenpflege.de
1    18.67.65.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-129.iad89.r.cloudfront.net
seekmymatch.com
8    23.73.207.174 (None, )

ASN- ()
www.benaughty.com
Apex Domain
Subdomains		 Transfer
8 benaughty.com
www.benaughty.com
40 KB
6 j1eak.click
matomo.j1eak.click
nwhp.j1eak.click
24 KB
2 sotpprdjanssnow.life
sotpprdjanssnow.life — Cisco Umbrella Rank: 917198
1 KB
2 jleak.click
jleak.click
2 KB
1 seekmymatch.com
seekmymatch.com
1 KB
1 pelikan-hauskrankenpflege.de
pelikan-hauskrankenpflege.de
698 B
1 tbond.shop
da.tbond.shop
473 B
24 7
Domain Requested by
8 www.benaughty.com www.benaughty.com
5 matomo.j1eak.click jleak.click
matomo.j1eak.click
2 sotpprdjanssnow.life 2 redirects
2 jleak.click
1 seekmymatch.com 1 redirects
1 pelikan-hauskrankenpflege.de 1 redirects
1 da.tbond.shop 1 redirects
1 nwhp.j1eak.click 1 redirects
24 8

This site contains no links.

Subject Issuer Validity Valid
jleak.click
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
j1eak.click
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
benaughty.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Frame ID: A0CDD3BA1C08FF37D6BDF07118809E4C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://jleak.click/kingadiontis-leaked Page URL
  2. https://nwhp.j1eak.click/leak-id-Mzd3bWNZazM2TTdjSXNKMkVzZWJTWnJieFg3dlFiajNMYW92eUxDdlJua0NlM3lrKzRK... HTTP 302
    https://da.tbond.shop/3dklo HTTP 302
    https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg HTTP 302
    https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg&bc_r=1718068352 HTTP 302
    https://pelikan-hauskrankenpflege.de/dating?extra_param_1=103c1a7eb71ba8612d53506feff1814e4ea52162&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
    https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

24
Requests

63 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

66 kB
Transfer

232 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jleak.click/kingadiontis-leaked Page URL
  2. https://nwhp.j1eak.click/leak-id-Mzd3bWNZazM2TTdjSXNKMkVzZWJTWnJieFg3dlFiajNMYW92eUxDdlJua0NlM3lrKzRKZWhlMjZuMFVyeFpTVU04c3p6a2xlTFNWbldkTjI5OEFNemc9PQ== HTTP 302
    https://da.tbond.shop/3dklo HTTP 302
    https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg HTTP 302
    https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg&bc_r=1718068352 HTTP 302
    https://pelikan-hauskrankenpflege.de/dating?extra_param_1=103c1a7eb71ba8612d53506feff1814e4ea52162&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-20240611041226299904d3a&subid=895 HTTP 302
    https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kingadiontis-leaked
jleak.click/ 		1 KB
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jleak.click/kingadiontis-leaked
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f1928d23da6862dacca0f8dd0bd0c292d9f76e9e45d527446ef5b16c1f34e7

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
891dbbb62ccd39cf-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 11 Jun 2024 01:12:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyC3v%2FdHhaFaSw1995ITkXJkiENClQtl8ctxfMsa7IzB0G1AW4jZHIFycPomFLjZi2GWke%2FtPLdJf5153II2CUhkdzRtHbqlQSqMdMzsuFijHvWj2oCxBdJUNOrIaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
piwik.js
matomo.j1eak.click/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.j1eak.click/piwik.js
Requested by
Host: jleak.click
URL: https://jleak.click/kingadiontis-leaked
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jleak.click/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 01:12:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2023 19:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
737071
etag
W/"64a9baf6-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByvRwrJ7nuYGr%2BYyUgqC6uj3n4Gj777oRr2uJgFGtSjTHdjBnfS0Os0KJVIg5i%2BeiYQIh2OhQXS6LtHPj%2B763si9eISjjEC1ndihbA9KBRK9QwZFD3W7nfTTw%2BROUtGBe38INc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
891dbbb7d8cf39fb-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
matomo.j1eak.click/ 		0
420 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.j1eak.click/piwik.php?action_name=kingadiontis%20leaked&idsite=988&rec=1&r=475483&h=18&m=12&s=30&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=3d1bcd3962bbc620&_idn=1&send_image=0&_refts=1718068351&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Xp3Lse&pf_net=33&pf_srv=216&pf_tfr=1&pf_dm1=19&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.j1eak.click
URL: https://matomo.j1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://jleak.click/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 11 Jun 2024 01:12:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9M0MmpwPo%2B98me7UbKeaIJbNfTbveTwlUF6gRwQFueorKS5LTfX43dXdGgDfVym%2ByElGQ5yiIz9x3X1wVLK2t9GOVbjj0Es7vs2nX9rJqHqOMtoV1AdDf0RaUpRp953qc0DRwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://jleak.click
access-control-allow-credentials
true
cf-ray
891dbbb8494f39fb-YYZ
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.j1eak.click/ 		0
422 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.j1eak.click/piwik.php?action_name=kingadiontis%20leaked&idsite=1&rec=1&r=097848&h=18&m=12&s=30&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=b223aafcdd178f1a&_idn=1&send_image=0&_refts=1718068351&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5CpArI&pf_net=33&pf_srv=216&pf_tfr=1&pf_dm1=19&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.j1eak.click
URL: https://matomo.j1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://jleak.click/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 11 Jun 2024 01:12:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkSbGXqLWhkqJO7O7kTbc1vTfNLquCS4ZNnrKWG2iCSMXnpDCTO402ZVVuIRn6UpTm12X2RoYj4rOP03n6oazveT%2Fi0qOWA6BQTUXDudI4bJoKzM2Q47wD78QtYAmIjxoWZY%2FOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://jleak.click
access-control-allow-credentials
true
cf-ray
891dbbb8495039fb-YYZ
alt-svc
h3=":443"; ma=86400
favicon.ico
jleak.click/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://jleak.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74fb7e0ec3db9c0b8e579107ba9e3fc7377492d7bfc8941de7ebbee073365b46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jleak.click/kingadiontis-leaked
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 01:12:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jun 2024 00:45:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1594
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmSxNrq%2F8ZzAVwnwVKVegElUtvP0sjmhrRqxNyAhjwT0DirIl%2F%2FFkY2glKP767QYoTnVLLj3wOkYV98V7cMUZF2a0YS3DVZYkmJO43wkIXEwy%2Bc0ccJI846jU3wyXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
891dbbb8485339cf-YYZ
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.j1eak.click/ 		0
425 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.j1eak.click/piwik.php?idgoal=1&idsite=988&rec=1&r=023034&h=18&m=12&s=30&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=3d1bcd3962bbc620&_idn=0&send_image=0&_refts=1718068351&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Xp3Lse&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.j1eak.click
URL: https://matomo.j1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://jleak.click/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 11 Jun 2024 01:12:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0V8k%2FU%2BqQ3hdUvPub4efFCeLSfPl1NzZkEvqn%2B7khEy4exkbvYNqs18ZLc3x%2FYDoxo6gI0SkkEKD4NCQ8fEDlcUHjoYTNPijusbtWU5r1QVQg%2F6iqXe90BAJhLsjjvFQWta5IYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://jleak.click
access-control-allow-credentials
true
cf-ray
891dbbbd48b839fb-YYZ
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.j1eak.click/ 		410 B
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.j1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=625867&h=18&m=12&s=30&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=b223aafcdd178f1a&_idn=0&send_image=0&_refts=1718068351&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5CpArI&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.j1eak.click
URL: https://matomo.j1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://jleak.click/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 11 Jun 2024 01:12:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P53O47gty1fZUsAVdDLZBX6miPo0w90PSY%2BP2SVyDmIwxQuFrM6enOfr5egiS3IleN6c%2BfWstgLjtx8iD0iiOG%2B7higQaUFOaf%2BTT7nNvnO46pcUY8LeqPsgoE5B45MJInRm4do%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://jleak.click
access-control-allow-credentials
true
cf-ray
891dbbbd48ba39fb-YYZ
alt-svc
h3=":443"; ma=86400
Primary Request aff.php
www.benaughty.com/
Redirect Chain
  • https://nwhp.j1eak.click/leak-id-Mzd3bWNZazM2TTdjSXNKMkVzZWJTWnJieFg3dlFiajNMYW92eUxDdlJua0NlM3lrKzRKZWhlMjZuMFVyeFpTVU04c3p6a2xlTFNWbldkTjI5OEFNemc9PQ==
  • https://da.tbond.shop/3dklo
  • https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg
  • https://sotpprdjanssnow.life/?s=157&t1=895&t2=&t4=gg&bc_r=1718068352
  • https://pelikan-hauskrankenpflege.de/dating?extra_param_1=103c1a7eb71ba8612d53506feff1814e4ea52162&sub_id_1=895
  • https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-20240611041226299904d3a&subid=895
  • https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI...
22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3774125062671db894b1ce043859300e734d4ceb31df7ddd244ee24505defa34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://jleak.click/kingadiontis-leaked
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5089
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 01:12:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-akamai-transformed
9 4886 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 11 Jun 2024 01:12:34 GMT
location
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
via
1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
x-amz-cf-id
NXid3hR6dndpzzt4lpJ4ARHnamOERc9e_agVaIEuzY6H_7VdiD5kew==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
0e10be6749d11bcef04380bd21b61e4d.css
www.benaughty.com/landing/resource/id/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/resource/id/0e10be6749d11bcef04380bd21b61e4d.css
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd6e0f7d5f9f55d3047708866cd459a16e992dea8cc60d9a751c1e6e04b572a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 01:12:34 GMT
content-encoding
br
last-modified
Tue, 14 May 2024 23:31:56 GMT
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2545267
alt-svc
h3=":443"; ma=93600
content-length
4832
expires
Wed, 10 Jul 2024 12:13:41 GMT
682edb50
www.benaughty.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/akam/13/682edb50
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd93649f3b397f3a63cbd45cea2fd9488ce4a8ff557eb1df6b42be6d22099124

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 01:12:34 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 19:39:35 GMT
etag
"4f7cdc6811a83d625c027c8af71848648cbc34bf687e5074b99079440ec461f7"
stored-attribute-sha-checksum
fd93649f3b397f3a63cbd45cea2fd9488ce4a8ff557eb1df6b42be6d22099124
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
alt-svc
h3=":443"; ma=93600
content-length
8770
expires
Tue, 11 Jun 2024 01:12:34 GMT
logoBeNaughtyWhite.svg
www.benaughty.com/assets/fef8e451/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benaughty.com/assets/fef8e451/logoBeNaughtyWhite.svg
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
11f58b9dc4cda3c6f8322a3d56b0dba50f646b6999fa7118787f6fde0b31fc8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Tue, 11 Jun 2024 01:12:34 GMT
last-modified
Wed, 20 Mar 2024 10:44:03 GMT
etag
W/"65fabdf3-179e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1420660
alt-svc
h3=":443"; ma=93600
content-length
2660
expires
Thu, 27 Jun 2024 11:50:14 GMT
c_5c6df6cd00f481b6f982c9a1cba21fae.js
www.benaughty.com/assets/1b3d1ccf/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/assets/1b3d1ccf/c_5c6df6cd00f481b6f982c9a1cba21fae.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa1b58565c66cde533da6d723a57cfc440b3e6bb51cf2d80da085aada248632
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Origin
https://www.benaughty.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000
content-encoding
br
date
Tue, 11 Jun 2024 01:12:34 GMT
last-modified
Thu, 16 May 2024 09:09:40 GMT
etag
W/"6645bfcc-a897"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=374178
alt-svc
h3=":443"; ma=93600
content-length
9848
expires
Sat, 15 Jun 2024 09:08:52 GMT
47c7f7c5c74e20816bd1ff2894a21494.js
www.benaughty.com/landing/resource/id/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/landing/resource/id/47c7f7c5c74e20816bd1ff2894a21494.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee19372df282f9742705085cd16919456d34a98f2e81966db76d5a2453db4fab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Origin
https://www.benaughty.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 10 Jul 2024 11:52:51 GMT
date
Tue, 11 Jun 2024 01:12:34 GMT
content-encoding
br
last-modified
Wed, 15 May 2024 04:29:57 GMT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2544017
alt-svc
h3=":443"; ma=93600
content-length
5511
quic-version
0x00000001
intg.js
www.benaughty.com/t/tr/lp/ 		143 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/t/tr/lp/intg.js?v=1358229712
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bced53255cbbfa7e139223440a44a10923f5c50b141fd73eff8eed1616e46aba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

quic-version
0x00000001
strict-transport-security
max-age=63072000
content-encoding
br
date
Tue, 11 Jun 2024 01:12:34 GMT
x-amz-cf-pop
ORD56-P1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc
h3=":443"; ma=93600
content-length
94
last-modified
Tue, 11 Jun 2024 00:00:53 GMT
etag
W/"8f-18ffcab16b0"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2561
timing-allow-origin
*
x-robots-tag
noindex
x-amz-cf-id
HcAyX1U7O_w3-dEaLd9svSVikDVB_kL5Lr_7g4gEL2y0E45Dhh98bA==
expires
Tue, 11 Jun 2024 01:55:15 GMT
bts.js
www.benaughty.com/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.benaughty.com/bts.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.73.207.174 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 11 Jun 2024 01:50:30 GMT
date
Tue, 11 Jun 2024 01:12:34 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:28:02 GMT
etag
"660a6f1a-22ae"
content-type
application/javascript
cache-control
public, max-age=2276
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
2782
quic-version
0x00000001
b2a84b29fb2924142d591db224c40f50.jpg
www.benaughty.com/landing/resource/id/ 		0
0
89823810b33d82612fe8cbe1819767f9.jpg
www.benaughty.com/landing/resource/id/ 		0
0
Inter-Regular.woff2
www.benaughty.com/landing/font/id/ 		0
0
Material%20Icons%20Benaughty.woff2
www.benaughty.com/landing/font/id/ 		0
0
Inter-Medium.woff2
www.benaughty.com/landing/font/id/ 		0
0
copyrights
www.benaughty.com/api/v1/site/ 		0
0
index.js
www.benaughty.com/t/tr/lp/ 		0
0
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
webPushData
www.benaughty.com/landing/ 		0
0
mta
www.benaughty.com/landing/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/resource/id/b2a84b29fb2924142d591db224c40f50.jpg
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/resource/id/89823810b33d82612fe8cbe1819767f9.jpg
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/font/id/Inter-Regular.woff2
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/font/id/Material%20Icons%20Benaughty.woff2
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/font/id/Inter-Medium.woff2
Domain
www.benaughty.com
URL
https://www.benaughty.com/api/v1/site/copyrights
Domain
www.benaughty.com
URL
https://www.benaughty.com/t/tr/lp/index.js
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/webPushData
Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/mta

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Domain/Path Name / Value
jleak.click/ Name: _pk_ref.988.1099
Value: %5B%22%22%2C%22%22%2C1718068351%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
jleak.click/ Name: _pk_id.988.1099
Value: 3d1bcd3962bbc620.1718068351.
jleak.click/ Name: _pk_ses.988.1099
Value: 1
jleak.click/ Name: _pk_ref.1.1099
Value: %5B%22%22%2C%22%22%2C1718068351%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
jleak.click/ Name: _pk_id.1.1099
Value: b223aafcdd178f1a.1718068351.
jleak.click/ Name: _pk_ses.1.1099
Value: 1
.sotpprdjanssnow.life/ Name: aa7ac33b928d28ea01f946bad7593046
Value: 1
.sotpprdjanssnow.life/ Name: f9a08ea8a9c4663bd056e461d7d7148d
Value: 1
.sotpprdjanssnow.life/ Name: ae1f964c26c81c1c64f5560b164c0d12
Value: 103c1a7eb71ba8612d53506feff1814e4ea52162
.pelikan-hauskrankenpflege.de/ Name: fed5c602
Value: 708
.seekmymatch.com/ Name: dci
Value: 491f79d75bca52dc19250ee7666197d946382fc3
seekmymatch.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42

2 Console Messages

Source Level URL
Text
network error URL: https://matomo.j1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=625867&h=18&m=12&s=30&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=b223aafcdd178f1a&_idn=0&send_image=0&_refts=1718068351&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5CpArI&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
recommendation verbose URL: https://www.benaughty.com/aff.php?btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvYjk3NWZmNTdhNmY5ZjI3ZGY3MjlmNmE1NGUwNDA3N2I%2FX190PTE3MTgwNjgzNTQxNTkmX19sPTM2MDAmX19jPTU2ZmZlYzk4YWQ0YjRlYjI0NGJjZDBlMTM3MmViZDIyYjg5MzNlMDM%3D&_disAL=true&utm_source=int&tds_ao=1&s1=ps&data2=37-708-20240611041226299904d3a&tds_cid=56ffec98ad4b4eb244bcd0e1372ebd22b8933e03&tdsId=b3022bel_lp_a_1567436753250_bn&tds_reason=direct&tds_host=seekmymatch.com&dci=491f79d75bca52dc19250ee7666197d946382fc3&tds_oid=12243001&utm_ex=a&tds_ac_id=s3167bel&tds_ps=a&tds_path=%2Ftds%2Fae&utm_funnel=tds&p_tds_cid=&s3=%7Bsubid2%7D&dynamicpage=bn_wlp_5st_halfphoto_v2_a&utm_content=895&utm_sub=opnfnl&utm_campaign=f0df3f0c&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567436753250_bn
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o