Submitted URL: https://gfaleak.click/
Effective URL: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=i...
Submission: On February 24 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 countries across 6 domains to perform 14 HTTP transactions. The main IP is 23.196.3.188, located in and belongs to . The main domain is www.benaughty.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.
This is the only time www.benaughty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.21.39.214 ()
1 1 108.139.47.99 ()
5 23.196.3.188 ()
14 4
Domain Requested by
5 www.benaughty.com www.benaughty.com
5 matomo.gfa1eak.click gfaleak.click
matomo.gfa1eak.click
2 glxshnngstr.life 2 redirects
1 seekmymatch.com 1 redirects
1 startelelogic.de 1 redirects
1 um6x.gfa1eak.click 1 redirects
1 gfaleak.click
14 7

This site contains no links.

Subject Issuer Validity Valid
gfaleak.click GTS CA 1P5 2024-02-21 - 2024-05-21 3 months
gfa1eak.click GTS CA 1P5 2024-02-21 - 2024-05-21 3 months
benaughty.com R3 2024-01-08 - 2024-04-07 3 months

This page contains 1 frames:

Primary Page: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Frame ID: 8C15677EB86856B44BC056B4D83A2743
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

Requests: 14
HTTPS: 79 %
IPv6: 50 %
Domains: 6
Subdomains: 7
IPs: 4
Countries: 1
Transfer: 48 kB
Size: 172 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gfaleak.click/ Page URL
  2. https://um6x.gfa1eak.click/leak-id-bXFVTTJxczRoUlltQmZRbjdiUjY4VWJMOFlsWXEwaXZKVVhyeXJnSXBBd21YeUU3bTF2N0VxcTFXL0hkNFA5OQ== HTTP 302
    https://glxshnngstr.life/?s=157&t1=895&t2=&t4=974 HTTP 302
    https://glxshnngstr.life/?s=157&t1=895&t2=&t4=974&bc_r=1708803842 HTTP 302
    https://startelelogic.de/dating?extra_param_1=9e465e59a2fa897eb4bbd06180a4c73d242adf43&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-20240224224356e85bbb500&subid=895 HTTP 302
    https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gfaleak.click/
1 KB
1 KB
Document
General
Full URL
https://gfaleak.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:869f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3cac836f6b2ae0a371955c34a628dc2c414b8de2b036f562464c1f16f95f2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85aa3352b858da73-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 24 Feb 2024 19:43:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEGlJ%2BrPT8VE9jYpXsoRCkuDdIGa8%2F7Sk68%2BGbol88A9EqsBbuQWP6u5NbMPacTSfRwXJpQGArIM2I68x5gXOyNLxhw4YuC6gSQZUYzg4Iw36JXCyD%2BawEEK2SvmArXT%2Bn%2Bnz01jNos%2B%2BV4p"}],"group":"cf-nel","max_age":604800}
server
cloudflare
piwik.js
matomo.gfa1eak.click/
64 KB
22 KB
Script
General
Full URL
https://matomo.gfa1eak.click/piwik.js
Requested by
Host: gfaleak.click
URL: https://gfaleak.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfaleak.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 19:43:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2023 19:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42440
etag
W/"64a9baf6-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe1F%2BlEtDu%2Ba4lGnPmRbVipt8waxZkAubfsOwu4KJwktaHFWLcIDKqCq%2FPfxB1fRXQa3DfQUhofTQhT4jnhS%2BSAk6Dd8kZ2HTMJSHxor678w2klio8%2Bmxhro8Ljd6l63WjH2CX3ZSPM5gCVTetB5Rw9VUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
85aa3358dde025a0-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
matomo.gfa1eak.click/
0
275 B
Ping
General
Full URL
https://matomo.gfa1eak.click/piwik.php?action_name=&idsite=974&rec=1&r=428208&h=9&m=43&s=58&url=https%3A%2F%2Fdocs.google.com&urlref=https%3A%2F%2Fdocs.google.com&_id=c98f6e31474a36ec&_idn=1&send_image=0&_refts=1708803839&_ref=https%3A%2F%2Fdocs.google.com&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=coTym9&pf_net=115&pf_srv=270&pf_tfr=1&pf_dm1=42&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.gfa1eak.click
URL: https://matomo.gfa1eak.click/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gfaleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 24 Feb 2024 19:43:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=go3cRM00z0%2FXZ2clS7uBfhPCLmaDM80%2Fqe7%2FRFDGj4OTKzYumhJ5Xl%2BKSRyC1bJn8kailAx12d3Y%2FcxmmAWY0QSRIWuJ%2FnuihHSX682wrOyfEVAvV%2FxPhKm8z2lalEDVfYmubrkjUlBDkywFx1THhNYs%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gfaleak.click
access-control-allow-credentials
true
cf-ray
85aa3359cf8925a0-MIA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.gfa1eak.click/
0
362 B
Ping
General
Full URL
https://matomo.gfa1eak.click/piwik.php?action_name=&idsite=1&rec=1&r=463951&h=9&m=43&s=58&url=https%3A%2F%2Fdocs.google.com&urlref=https%3A%2F%2Fdocs.google.com&_id=d7e37d2eda305b84&_idn=1&send_image=0&_refts=1708803839&_ref=https%3A%2F%2Fdocs.google.com&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YzHhmk&pf_net=115&pf_srv=270&pf_tfr=1&pf_dm1=42&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.gfa1eak.click
URL: https://matomo.gfa1eak.click/piwik.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gfaleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 24 Feb 2024 19:43:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlWyh2F9WpjpD2P64lZ4OGsxsDCJJfw1Fk0LBX9dDtP1bjmoYpIJX2WAr3gU%2FnawG6rypmKwBfc69VFvN30kPWd4Yu4KjDqxT%2FdHg%2FiKkZ5ju7CNl6hIuZ22S%2FaEA5ATPoIX2ra6lztbcyLIKksA7CfLog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gfaleak.click
access-control-allow-credentials
true
cf-ray
85aa3359cf8f25a0-MIA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.gfa1eak.click/
0
444 B
Ping
General
Full URL
https://matomo.gfa1eak.click/piwik.php?idgoal=1&idsite=974&rec=1&r=755801&h=9&m=43&s=58&url=https%3A%2F%2Fdocs.google.com&urlref=https%3A%2F%2Fdocs.google.com&_id=c98f6e31474a36ec&_idn=0&send_image=0&_refts=1708803839&_ref=https%3A%2F%2Fdocs.google.com&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=coTym9&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.gfa1eak.click
URL: https://matomo.gfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gfaleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 24 Feb 2024 19:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOqRom9u7pH%2Bc9Sgyj3muV0Gp8STR8kPDLkACGdk5ansnILvnaCVMb77USydZ3J%2Bx86%2Flgnb9X5fEE1w8fgAi9498gSPhQBw15NelD7ow7LNyUSs7D0DJHBJvECX9mnuJgSNWMpNr4Z27iW%2B%2BY5vrA9y%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gfaleak.click
access-control-allow-credentials
true
cf-ray
85aa335eebee8d9a-MIA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.gfa1eak.click/
410 B
895 B
Ping
General
Full URL
https://matomo.gfa1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=341548&h=9&m=43&s=58&url=https%3A%2F%2Fdocs.google.com&urlref=https%3A%2F%2Fdocs.google.com&_id=d7e37d2eda305b84&_idn=0&send_image=0&_refts=1708803839&_ref=https%3A%2F%2Fdocs.google.com&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YzHhmk&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.gfa1eak.click
URL: https://matomo.gfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gfaleak.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 24 Feb 2024 19:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn98niT6qzjjmGY0WNZOn2vbx6iPuxqs%2Bw8wx%2BzXPIJxO7zENmbI%2BYafXR88HxY9HoEzWd45Fny4c9NYDSyScXoEojaE3NJpthEhxVLMmqG88XYOvWSzIlqXKMY%2Bt%2B6tKQUb013jGazsKBEusR5Q9ygKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gfaleak.click
access-control-allow-credentials
true
cf-ray
85aa335eebf08d9a-MIA
alt-svc
h3=":443"; ma=86400
Primary Request aff.php
www.benaughty.com/
Redirect Chain
  • https://um6x.gfa1eak.click/leak-id-bXFVTTJxczRoUlltQmZRbjdiUjY4VWJMOFlsWXEwaXZKVVhyeXJnSXBBd21YeUU3bTF2N0VxcTFXL0hkNFA5OQ==
  • https://glxshnngstr.life/?s=157&t1=895&t2=&t4=974
  • https://glxshnngstr.life/?s=157&t1=895&t2=&t4=974&bc_r=1708803842
  • https://startelelogic.de/dating?extra_param_1=9e465e59a2fa897eb4bbd06180a4c73d242adf43&sub_id_1=895
  • https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-20240224224356e85bbb500&subid=895
  • https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds...
22 KB
8 KB
Document
General
Full URL
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gfaleak.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
5185
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sat, 24 Feb 2024 19:44:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-akamai-transformed
9 4986 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 24 Feb 2024 19:44:04 GMT
location
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
via
1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
x-amz-cf-id
-_3c0TO1_8CEXUFuaU6RqirCFiJNJoGNGTVszIXamsxZED9BGO99kA==
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
a34be0b3d085abca8a38483d8c76ae6e.css
www.benaughty.com/landing/resource/id/
32 KB
5 KB
Stylesheet
General
Full URL
https://www.benaughty.com/landing/resource/id/a34be0b3d085abca8a38483d8c76ae6e.css
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 19:44:04 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 09:58:30 GMT
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=483332
alt-svc
h3=":443"; ma=93600
content-length
5280
expires
Fri, 01 Mar 2024 09:59:36 GMT
2b8f6217
www.benaughty.com/akam/13/
4 KB
0
Script
General
Full URL
https://www.benaughty.com/akam/13/2b8f6217
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Feb 2024 19:44:04 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:10:00 GMT
etag
"2c4db447d7b818d0fabdb4f1afa85bc8520e45434bc3e2f2b0bd9dffdb4adf16"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
8787
expires
Sat, 24 Feb 2024 19:44:04 GMT
logoBeNaughtyBlack.svg
www.benaughty.com/assets/6db2d286/
6 KB
0
Image
General
Full URL
https://www.benaughty.com/assets/6db2d286/logoBeNaughtyBlack.svg
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
br
date
Sat, 24 Feb 2024 19:44:04 GMT
last-modified
Wed, 22 Nov 2023 08:18:24 GMT
etag
W/"655db950-1797"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=475423
alt-svc
h3=":443"; ma=93600
content-length
2510
expires
Fri, 01 Mar 2024 07:47:47 GMT
c_f113d4f7f7c11d088d6c4c115a4ca317.js
www.benaughty.com/assets/1b3d1ccf/
41 KB
10 KB
Script
General
Full URL
https://www.benaughty.com/assets/1b3d1ccf/c_f113d4f7f7c11d088d6c4c115a4ca317.js
Requested by
Host: www.benaughty.com
URL: https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.benaughty.com/aff.php?dci=8cef16789fa71b12fecc6921a725b83d79df6c21&dynamicpage=bn_wlp_5st_mod_a_d&utm_source=int&utm_ex=a&tds_campaign=b3022bel&tds_id=b3022bel_lp_a_1567434648817_bn&tds_ac_id=s3167bel&btUrl=aHR0cHM6Ly9zZWVrbXltYXRjaC5jb20vdGRzL2FlL2NiL3MvZWNjYzQzMTEyMGYwYzU0MmMwMzVhNDdmZTkwM2UwOWQ%2FX190PTE3MDg4MDM4NDQyOTgmX19sPTM2MDA%3D&tds_reason=direct&tds_host=seekmymatch.com&utm_campaign=f0df3f0c&tds_ao=1&_disAL=true&utm_funnel=tds&tds_ps=a&tdsId=b3022bel_lp_a_1567434648817_bn&s3=%7Bsubid2%7D&tds_cid=128bef0794645612f5cbc0b07f6b05ce1a266a02&tds_oid=12243002&s1=ps&tds_path=%2Ftds%2Fae&utm_content=895&utm_sub=opnfnl&p_tds_cid=&data2=37-708-20240224224356e85bbb500
Origin
https://www.benaughty.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
br
date
Sat, 24 Feb 2024 19:44:04 GMT
last-modified
Sat, 03 Feb 2024 08:05:34 GMT
etag
W/"655e1925-a5d0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=735673
alt-svc
h3=":443"; ma=93600
content-length
9701
expires
Mon, 04 Mar 2024 08:05:17 GMT
4e5f9162cfaba44a84e979399bb877bb.js
www.benaughty.com/landing/resource/id/
0
0

intg.js
www.benaughty.com/t/tr/lp/
0
0

bts.js
www.benaughty.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.benaughty.com
URL
https://www.benaughty.com/landing/resource/id/4e5f9162cfaba44a84e979399bb877bb.js
Domain
www.benaughty.com
URL
https://www.benaughty.com/t/tr/lp/intg.js?v=213581632
Domain
www.benaughty.com
URL
https://www.benaughty.com/bts.js

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
gfaleak.click/ Name: _pk_ref.974.03dc
Value: %5B%22%22%2C%22%22%2C1708803839%2C%22https%3A%2F%2Fdocs.google.com%22%5D
gfaleak.click/ Name: _pk_id.974.03dc
Value: c98f6e31474a36ec.1708803839.
gfaleak.click/ Name: _pk_ses.974.03dc
Value: 1
gfaleak.click/ Name: _pk_ref.1.03dc
Value: %5B%22%22%2C%22%22%2C1708803839%2C%22https%3A%2F%2Fdocs.google.com%22%5D
gfaleak.click/ Name: _pk_id.1.03dc
Value: d7e37d2eda305b84.1708803839.
gfaleak.click/ Name: _pk_ses.1.03dc
Value: 1
.glxshnngstr.life/ Name: 82c4bfa05e11c2e54ccb6ec1e635deb9
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://matomo.gfa1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=341548&h=9&m=43&s=58&url=https%3A%2F%2Fdocs.google.com&urlref=https%3A%2F%2Fdocs.google.com&_id=d7e37d2eda305b84&_idn=0&send_image=0&_refts=1708803839&_ref=https%3A%2F%2Fdocs.google.com&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YzHhmk&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 400 ()