urlscan.io logo urlscan.io
SecurityTrails logo

hello.fuckbook.tv Open in urlscan Pro
2a02:6ea0:c700::19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ileak.click/
Effective URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsemp...
Submission: On December 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2a02:6ea0:c700::19, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is hello.fuckbook.tv.
TLS certificate: Issued by R3 on November 25th 2023. Valid for: 3 months.
This is the only time hello.fuckbook.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 18.173.233.51 16509 (AMAZON-02)
2 18.66.248.31 16509 (AMAZON-02)
25 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
42 10
1    2606:4700:3033::6815:9a (United States)

ASN13335 (CLOUDFLARENET, US)
ileak.click
6    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
matomo.i1eak.click
13.tbond.shop
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
nwv1.i1eak.click
2    2606:4700:3030::ac43:cc03 (United States)

ASN13335 (CLOUDFLARENET, US)
hprsncflw.life
1    2606:4700:3034::ac43:84eb (United States)

ASN13335 (CLOUDFLARENET, US)
geldpress.de
2    18.173.233.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-51.dus51.r.cloudfront.net
seekmymatch.com
2    18.66.248.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-31.dus51.r.cloudfront.net
empirelayer.club
25    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
hello.fuckbook.tv
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
25 fuckbook.tv
hello.fuckbook.tv
163 KB
6 i1eak.click
matomo.i1eak.click
nwv1.i1eak.click
25 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
onesignal.com — Cisco Umbrella Rank: 1473
73 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 empirelayer.club
empirelayer.club
2 KB
2 seekmymatch.com
seekmymatch.com
2 KB
2 hprsncflw.life
hprsncflw.life — Cisco Umbrella Rank: 490613
1018 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 geldpress.de
geldpress.de
845 B
1 tbond.shop
13.tbond.shop
454 B
1 ileak.click
ileak.click
1 KB
42 13
Domain Requested by
25 hello.fuckbook.tv seekmymatch.com
hello.fuckbook.tv
5 matomo.i1eak.click ileak.click
matomo.i1eak.click
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.onesignal.com hello.fuckbook.tv
cdn.onesignal.com
2 empirelayer.club seekmymatch.com
2 seekmymatch.com 1 redirects empirelayer.club
2 hprsncflw.life 2 redirects
1 onesignal.com cdn.onesignal.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com hello.fuckbook.tv
1 fonts.googleapis.com hello.fuckbook.tv
1 geldpress.de 1 redirects
1 13.tbond.shop 1 redirects
1 nwv1.i1eak.click 1 redirects
1 ileak.click
42 15

This site contains links to these domains. Also see Links.

Domain
www.fuckbook.tv
Subject Issuer Validity Valid
empirelayer.club
Amazon RSA 2048 M03		 2023-11-02 -
2024-11-30		 a year crt.sh
seekmymatch.com
Amazon RSA 2048 M02		 2023-11-02 -
2024-11-30		 a year crt.sh
1443267757.rsc.cdn77.org
R3		 2023-11-25 -
2024-02-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Frame ID: 90EEB8CE4A7A6A8E9EE2ACBF5A239835
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fuckbook - Are you looking for pleasure?

Page URL History Show full URLs

  1. http://ileak.click/ Page URL
  2. https://nwv1.i1eak.click/leak-id-b094YVhSUlRXaFJLb1lVd3g1WkJZMDB3NDdjbG16Y3VIU0szQk5ob0RxT3FEY21iNUFH... HTTP 302
    https://13.tbond.shop/bhtvl HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2= HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1701639901 HTTP 302
    https://geldpress.de/dating?extra_param_1=85237b7fdaea3f90ecb41db151b0bd17105e4025&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
    https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600 Page URL
  3. https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

42
Requests

86 %
HTTPS

85 %
IPv6

13
Domains

15
Subdomains

10
IPs

2
Countries

383 kB
Transfer

1078 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ileak.click/ Page URL
  2. https://nwv1.i1eak.click/leak-id-b094YVhSUlRXaFJLb1lVd3g1WkJZMDB3NDdjbG16Y3VIU0szQk5ob0RxT3FEY21iNUFHZkZnYzJOd0FXNjN2OA== HTTP 302
    https://13.tbond.shop/bhtvl HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2= HTTP 302
    https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1701639901 HTTP 302
    https://geldpress.de/dating?extra_param_1=85237b7fdaea3f90ecb41db151b0bd17105e4025&sub_id_1=895 HTTP 302
    https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-2023120400445588209cf1b&subid=895 HTTP 302
    https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600 Page URL
  3. https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://nwv1.i1eak.click/leak-id-b094YVhSUlRXaFJLb1lVd3g1WkJZMDB3NDdjbG16Y3VIU0szQk5ob0RxT3FEY21iNUFHZkZnYzJOd0FXNjN2OA== HTTP 302
  • https://13.tbond.shop/bhtvl HTTP 302
  • https://hprsncflw.life/?s=157&t1=895&t2= HTTP 302
  • https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1701639901 HTTP 302
  • https://geldpress.de/dating?extra_param_1=85237b7fdaea3f90ecb41db151b0bd17105e4025&sub_id_1=895 HTTP 302
  • https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-2023120400445588209cf1b&subid=895 HTTP 302
  • https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ileak.click/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ileak.click/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8947c496429a972b5a5c81bb46c41af719a007b7bae2a4b5c3398737f3c5d2dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82fefe7cbf5703d0-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Dec 2023 21:44:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEIzOy6VcJIm1MBU6czP%2FrHlsh%2F9IHtKDc9a%2FkzWYe5tywOCViunv1i7N72Qd0tx0cVrd8GyPAqxMRhWED9TcPaZWALGirRYFln6Mm5HU4rRUEw8xlARq9WqwDMkEKis35WalUuqKiUHew%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
piwik.js
matomo.i1eak.click/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://matomo.i1eak.click/piwik.js
Requested by
Host: ileak.click
URL: http://ileak.click/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ileak.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 21:44:59 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
352645
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sat, 08 Jul 2023 19:37:26 GMT
Server
cloudflare
ETag
W/"64a9baf6-10132"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8FZ%2FNHLRdrlITIG6YF3CvGcd2q0DIebuBLR6LHVB1tVLiQ3CtsInchI%2FX%2FbyRAgdDpMX102OgKByYJYiHtpi2UiMrA%2FBxfjLu7oWrHTLZhV3vMEVmi5yRvIToXYrVt2EGd2toMD%2BE%2FX2LEG1%2BsBNKg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
82fefe7d4834f0ec-CDG
Expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
matomo.i1eak.click/ 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.i1eak.click/piwik.php?action_name=&idsite=952&rec=1&r=282620&h=22&m=44&s=59&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=2ecd820616fe7d8b&_idn=1&send_image=0&_refts=1701639900&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=JxnWhi&pf_net=256&pf_srv=33&pf_tfr=1&pf_dm1=16&uadata=%7B%7D
Requested by
Host: matomo.i1eak.click
URL: http://matomo.i1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ileak.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Sun, 03 Dec 2023 21:44:59 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfGDzEh4vVOHRLk3ouznBDX54SmUTcRpdW2o2PvWSSLdC1wgaZh5sR1e36zxESuyyGhTdssZ5LKoJw%2FTr6vap9vtC9yD%2FRWvNpcPdElenCe48w%2BMsGgQh8yWOE0Z84x8CHl1w%2BUifus51aTwRQkWUv8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://ileak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
82fefe7d9894f0ec-CDG
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.i1eak.click/ 		0
674 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.i1eak.click/piwik.php?action_name=&idsite=1&rec=1&r=246924&h=22&m=44&s=59&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=d062e51bf6163d21&_idn=1&send_image=0&_refts=1701639900&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=95HdLp&pf_net=256&pf_srv=33&pf_tfr=1&pf_dm1=16&uadata=%7B%7D
Requested by
Host: matomo.i1eak.click
URL: http://matomo.i1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ileak.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Sun, 03 Dec 2023 21:44:59 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3D6p1mhX4HCLGRGY8xDFYg61hADkrxzPwplDNyT3vEd9cvYs4Hylvxpqw5%2BPGtS3R%2Bf1ILlWXRZs8BrNFF%2F7gy0Dtn7v%2B9VcMTNbA%2F6eF5JEdReIsEslvLw81yC%2FehxEmPEQLYn4Ht4qqGzZsZiXDE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://ileak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
82fefe7d9bdd30c3-FRA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.i1eak.click/ 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.i1eak.click/piwik.php?idgoal=1&idsite=952&rec=1&r=762593&h=22&m=44&s=59&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=2ecd820616fe7d8b&_idn=0&send_image=0&_refts=1701639900&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=JxnWhi&uadata=%7B%7D
Requested by
Host: matomo.i1eak.click
URL: http://matomo.i1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ileak.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Sun, 03 Dec 2023 21:45:00 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7n%2B%2BYdRTNrXLUN6QnC8BXd0bs%2FV8rK2kBLS8Hd1K9gsUbkHxWvvR8ndvHUzEh17a9Sv0Y082CvldvPRwec3AoGpq2xVza62kLnxo4mYbx6GSiYQO2LTJTZtlQ24rTNs%2FlSNDkBFND1dPkXLAIWDx68%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://ileak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
82fefe829e76f0ec-CDG
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.i1eak.click/ 		410 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
http://matomo.i1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=431656&h=22&m=44&s=59&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=d062e51bf6163d21&_idn=0&send_image=0&_refts=1701639900&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=95HdLp&uadata=%7B%7D
Requested by
Host: matomo.i1eak.click
URL: http://matomo.i1eak.click/piwik.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer
http://ileak.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Sun, 03 Dec 2023 21:45:00 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v%2BXCWEEVA67zEfGR3rW5yagr%2FMvwVgKxJj6b%2Bc0wikjNN1Q0xhaJ8F%2BD8YtCmHaQBnghNXHzMyFYYzcf%2FJQ3fQVb4wY2vPNqmw69HC0ksyWnYLCaC7p3%2B6e7z8Lim2X5BYZ7Gtj2be2teEu6Pz5qbM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://ileak.click
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
82fefe8288de30c3-FRA
alt-svc
h3=":443"; ma=86400
28c05661e2e77b9c686c03941b9c9f9c
empirelayer.club/tds/interlayer/eb/s/
Redirect Chain
  • https://nwv1.i1eak.click/leak-id-b094YVhSUlRXaFJLb1lVd3g1WkJZMDB3NDdjbG16Y3VIU0szQk5ob0RxT3FEY21iNUFHZkZnYzJOd0FXNjN2OA==
  • https://13.tbond.shop/bhtvl
  • https://hprsncflw.life/?s=157&t1=895&t2=
  • https://hprsncflw.life/?s=157&t1=895&t2=&bc_r=1701639901
  • https://geldpress.de/dating?extra_param_1=85237b7fdaea3f90ecb41db151b0bd17105e4025&sub_id_1=895
  • https://seekmymatch.com/tds/ae?tdsId=s3167bel_r&tds_campaign=s3167bel&utm_sub=opnfnl&s1=ps&utm_source=int&affid=f0df3f0c&clickid=37-708-2023120400445588209cf1b&subid=895
  • https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-31.dus51.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Referer
http://ileak.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Sun, 03 Dec 2023 21:45:03 GMT
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
x-amz-cf-id
vgLEKRN-g8M1wW9k9sFZR1dlmg-OEW6trkc2AA8lg123ixikPWqN2A==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Dec 2023 21:45:03 GMT
location
https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
via
1.1 2e24611fddbdff423496835dad3bf4bc.cloudfront.net (CloudFront)
x-amz-cf-id
8xV2hHWQFFUqc0rvIPip7dveF88N9Idx5CfJAgdqnMdkJIEWeUodvA==
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
index.js
seekmymatch.com/lp-external/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seekmymatch.com/lp-external/index.js
Requested by
Host: empirelayer.club
URL: https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-51.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
73e2c7224792905f76c1de153d5b8f09657e8edcdfd7832470cbca45446360a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://empirelayer.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
via
1.1 2e24611fddbdff423496835dad3bf4bc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 Nov 2023 12:51:54 GMT
server
nginx
etag
W/"8b7-18c1b22ca10"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex
x-amz-cf-id
xGPqYeJ50buTVjdg8DhFtTTkIhBV8f-hnbNGlYqQwYvTH-hmGau8UA==
interlayer
empirelayer.club/tds/ 		0
499 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://empirelayer.club/tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Fempirelayer.club%2Ftds%2Finterlayer%2Feb%2Fs%2F28c05661e2e77b9c686c03941b9c9f9c%3F__t%3D1701639903052%26__l%3D3600&urlOut=https%3A%2F%2Fhello.fuckbook.tv%2Flander%2Fsk_version9%2F%3Fsubaff2%3D895%26offerit_conversion_variables.subaff%3Df0df3f0c%26offerit_code%3DadsempireS.2.2.391.0.0.0.0.0.0.0.0%26offerit_conversion_variables._ocid%3Dbc0f962369c35aef64d38176668a58b293f964c2%26tds_cid%3Dbc0f962369c35aef64d38176668a58b293f964c2&altQs=utm_campaign%3Df0df3f0c%26utm_source%3Dint%26utm_content%3D895%26data2%3D37-708-2023120400445588209cf1b%26s1%3Dps%26s3%3D%257Bsubid2%257D%26tds_campaign%3Db9685mar%26tds_id%3Db9685mar_lp_a_1623746578967_fuckbook%26tds_oid%3D00e493f6%26tds_cid%3Dbc0f962369c35aef64d38176668a58b293f964c2%26tds_ac_id%3Ds3167bel%26p_tds_cid%3D19ac8a7a3f469e8984c26311834401e47a176cfe%26tds_host%3Dseekmymatch.com%26tds_path%3D%252Ftds%252Fae%26dci%3Dfef9253f29e4228787c2caeab471efe4eeffe093%26tds_ps%3Da&tdsCid=bc0f962369c35aef64d38176668a58b293f964c2&reason=beacon&visitsCount=1&ts=1701639903179
Requested by
Host: seekmymatch.com
URL: https://seekmymatch.com/lp-external/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-31.dus51.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://empirelayer.club/tds/interlayer/eb/s/28c05661e2e77b9c686c03941b9c9f9c?__t=1701639903052&__l=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SvvrOiAk6Px8oy7Qj8b17_pDCChZMjR_2y1MtwCT3n38enn8o6SRNw==
Primary Request /
hello.fuckbook.tv/lander/sk_version9/ 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Requested by
Host: seekmymatch.com
URL: https://seekmymatch.com/lp-external/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7351b540843579925e727bc51bb64216e186d00d6539256bd270f4c0812f7732

Request headers

Referer
https://empirelayer.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sun, 03 Dec 2023 21:45:03 GMT
etag
W/"64f8416f-32eb"
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
902127
x-77-cache
HIT
x-77-nzt
AsO1qhE3Nzf/ip8NANRmOBE3Nzf/ZSQAAA
x-77-nzt-ray
4c156224ffaa0827dff66c65597c5c0d
x-77-pop
frankfurtDE
x-accel-date
1700747093
x-accel-expires
@1701774576
x-age-lb
892810
x-cache-lb
HIT
main.css
hello.fuckbook.tv/lander/sk_version9/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/css/main.css
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48ed023c883fc98a14daa0e7887a32694651229a87634262b9483eff11fb6dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
AsO1qhE3Nzf/l50NANRmOBE3Nzf/ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-1504"
x-77-nzt-ray
4c156224ffaa0827dff66c651af1a00e
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito|Roboto
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f4179ea798e988a62b7461129aab5b88ddb7a93cb805b33bebbfd866ae28780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 21:45:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 21:45:03 GMT
bootstrap.min.css
hello.fuckbook.tv/lander/sk_version9/assets/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/css/bootstrap.min.css
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
EgwBw7WqEQH3l50NAAwB1GY4nAH3ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-22682"
x-77-nzt-ray
4c156224ffaa0827dff66c65440a470f
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
loader.css
hello.fuckbook.tv/_fuckbook/ 		698 B
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_fuckbook/loader.css
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e7b8ac018c02d7f6e1d765a5dfe8d8a231339c8c2afc59d47b6355823195507a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
AsO1qhE3Nzf/Xb0NANRmOAk3Nzf/lwYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-2ba"
x-77-nzt-ray
4c156224ffaa0827dff66c651f2b570f
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
jquery-2.2.4.min.js
hello.fuckbook.tv/_vendor/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_vendor/jquery-2.2.4.min.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
AsO1qhE3Nzf/Xb0NANRmOBE3Nzf/lwYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-14e49"
x-77-nzt-ray
4c156224ffaa0827dff66c65f607b20f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
popwin.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/popwin.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a616191739c34a7e06849d477f62511c9e5fba6cee3619b9974f1022b1a6b7a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
EgwBw7WqEQH3l50NAAwB1GY4nAH3/yQAAA
x-accel-expires
@1701774921
x-77-age
901782
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-7f1"
x-77-nzt-ray
4c156224ffaa0827dff66c656a3a8011
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
script.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/script.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1f813fa905ff1b9726cdedab6bceaa19dbddcaa9d974f25d468c06fc186c6a10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
AsO1qhE3Nzf/l50NANRmOAk3Nzf/ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-cad8"
x-77-nzt-ray
4c156224ffaa0827dff66c65005dbd11
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
jquery-ui.effects_min.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/jquery-ui.effects_min.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ee8f6966cc5af322e27eb42fb1eb0fb7e6660a9b09925a5d27abb3de7da8f4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
AsO1qhE3Nzf/l50NANRmOAk3Nzf/ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-614f"
x-77-nzt-ray
4c156224ffaa0827dff66c65141b7f12
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
universalPS.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/universalPS.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9cb6284baf8d5785254eeffc17cf53bc32d63e7ae881dd2fef8da67c32397d8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
EgwBw7WqEQH3l50NAAwBJRPCKAH3ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-3f26"
x-77-nzt-ray
4c156224ffaa0827dff66c652a828f12
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
ff_actions.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/ff_actions.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7c71d6ed5df5d69bf38e97ec679045a9c90264585b22b604f3c26c13e60b5cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
EgwBw7WqEQH3l50NAAwB1GY4EQHXACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-183d"
x-77-nzt-ray
4c156224ffaa0827dff66c65b7389c12
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
api-form-mapper.js
hello.fuckbook.tv/lander/sk_version9/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/lander/sk_version9/assets/js/api-form-mapper.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
df13b88b18295cf23f7afbc5b89f4c8b30378afee1ba0dc584cb07e90b5fd8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892311
x-77-cache
HIT
x-accel-date
1700747592
x-77-nzt
AsO1qhE3Nzf/l50NANRmOAk3Nzf/ACUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-886"
x-77-nzt-ray
4c156224ffaa0827dff66c65be5a6313
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
Config-fuckbook_pps.js
hello.fuckbook.tv/_fuckbook/ 		108 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_fuckbook/Config-fuckbook_pps.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fab0ce7f6462ecb77026b7ebe9c07f478a784c00eb03160bf2ac7e9abab84e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
899196
x-77-cache
HIT
x-accel-date
1700740707
x-77-nzt
EgwBw7WqEQH3fLgNAAwBJRPCKAH3dwsAAA
x-accel-expires
@1701774572
x-77-age
902131
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-6c"
x-77-nzt-ray
4c156224ffaa0827dff66c650aba7013
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
bundle.js
hello.fuckbook.tv/_webpack/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_webpack/bundle.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c107c46bb1294b24f52aefad38ca86f6debc075d096b99cc10984f2c2335dfa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900460
x-77-cache
HIT
x-accel-date
1700739443
x-77-nzt
EgwBw7WqEQH3bL0NAAwBJRPCKAH3iAYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-25bd"
x-77-nzt-ray
4c156224ffaa0827dff66c65adde3a14
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
CommonMapper.js
hello.fuckbook.tv/_fuckbook/ 		390 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_fuckbook/CommonMapper.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d99f8f8498505a16d8dd93e233007c3937e2d4c9dd3eaaa4f647c378761f9791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
AsO1qhE3Nzf/Xb0NANRmOBE3Nzf/lwYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-186"
x-77-nzt-ray
4c156224ffaa0827dff66c65b0924514
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
Api.js
hello.fuckbook.tv/_fuckbook/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_fuckbook/Api.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b5c84c45fbdb5bf43aadb8a801125e86fc98662426da6069704078bab9b13ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900460
x-77-cache
HIT
x-accel-date
1700739443
x-77-nzt
AsO1qhE3Nzf/bL0NANRmOAk3Nzf/hwYAAA
x-accel-expires
@1701774572
x-77-age
902131
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-606"
x-77-nzt-ray
4c156224ffaa0827dff66c658a099314
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
promise.js
hello.fuckbook.tv/_vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_vendor/promise.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9fbbf200dbf021f29455b9d6d7f30684651c947c2a4efb2d25c899ba8aa0305b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
AsO1qhE3Nzf/Xb0NANRmOBE3Nzf/lwYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-185b"
x-77-nzt-ray
4c156224ffaa0827dff66c65e8d09d14
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
fetch.js
hello.fuckbook.tv/_vendor/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_vendor/fetch.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
569412044c38c2bea3e7fe86b0adf72eb004e84abafbf4eadc951b7026a4e976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
AsO1qhE3Nzf/Xb0NANRmOBE3Nzf/lwYAAA
x-accel-expires
@1701774571
x-77-age
902132
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-32d4"
x-77-nzt-ray
4c156224ffaa0827dff66c65f5d9fc14
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VSC39DNY4C
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14445e1904e02e82d60ca9fa8d23ef1a6cdf869fabaa6893d2705a1cd19b674e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86199
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Dec 2023 21:45:03 GMT
ga4.js
hello.fuckbook.tv/_vendor/ 		144 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_vendor/ga4.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0cb0096d4905ecc3cc8b7e120fdfa072eb01b572e3329f90110acc92b3f1eae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900460
x-77-cache
HIT
x-accel-date
1700739443
x-77-nzt
EgwBw7WqEQH3bL0NAAwB1GY4nAH3hwYAAA
x-accel-expires
@1701774572
x-77-age
902131
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-90"
x-77-nzt-ray
4c156224ffaa0827dff66c6530246415
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
363
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82fefe9439a23a7a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 21:45:03 GMT
logo.svg
hello.fuckbook.tv/lander/sk_version9/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hello.fuckbook.tv/lander/sk_version9/img/logo.svg
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ff53100e422f92848191eaa91ab97de29366d954494ca855eb90f64129477356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
892308
x-77-cache
HIT
x-accel-date
1700747595
x-77-nzt
EgwBw7WqEQH3lJ0NAAwB1GY4nAH3AyUAAA
x-accel-expires
@1701774920
x-77-age
901783
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
W/"64f8416f-1142"
x-77-nzt-ray
4c156224ffaa0827dff66c6558f7e015
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
general.js
hello.fuckbook.tv/_scripts/ 		776 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_scripts/general.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
83d620321e127757d6d2b7517c85cb8eea2c28b6eecb2330198bf16fd83419a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
EgwBw7WqEQH3Xb0NAAwBJRPCKAH3lgYAAA
x-accel-expires
@1701774572
x-77-age
902131
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-308"
x-77-nzt-ray
4c156224ffaa0827dff66c65d59d2016
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
second-offer.js
hello.fuckbook.tv/_scripts/ 		607 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_scripts/second-offer.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a0a8b96aecc27221d9bb86b0b2387c1fd1bf23c016ee21f11b53e186f0aa2498

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900445
x-77-cache
HIT
x-accel-date
1700739458
x-77-nzt
EgwBw7WqEQH3Xb0NAAwB1GY4nAH3lQYAAA
x-accel-expires
@1701774573
x-77-age
902130
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-25f"
x-77-nzt-ray
4c156224ffaa0827dff66c65b5e38019
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
back-button-redirect_dating.js
hello.fuckbook.tv/_scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_scripts/back-button-redirect_dating.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f0f916fe422b5082216b1ef8cf715d2c78752a703f75ede6c068e734f6ef924b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
898916
x-77-cache
HIT
x-accel-date
1700740987
x-77-nzt
AsO1qhE3Nzf/ZLcNANRmOBE3Nzf/jgwAAA
x-accel-expires
@1701774573
x-77-age
902130
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-80d"
x-77-nzt-ray
4c156224ffaa0827dff66c65ae75df19
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
close-button-redirect.js
hello.fuckbook.tv/_scripts/ 		617 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hello.fuckbook.tv/_scripts/close-button-redirect.js
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ec9eff91231fb2886c12a055d47ed9dd765b962cb58fe730021fbe98aa694ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/?subaff2=895&offerit_conversion_variables.subaff=f0df3f0c&offerit_code=adsempireS.2.2.391.0.0.0.0.0.0.0.0&offerit_conversion_variables._ocid=bc0f962369c35aef64d38176668a58b293f964c2&tds_cid=bc0f962369c35aef64d38176668a58b293f964c2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
content-encoding
gzip
x-age-lb
900444
x-77-cache
HIT
x-accel-date
1700739459
x-77-nzt
AsO1qhE3Nzf/XL0NANRmOAk3Nzf/lgYAAA
x-accel-expires
@1701774573
x-77-age
902130
x-cache-lb
HIT
last-modified
Fri, 20 Oct 2023 07:31:42 GMT
server
CDN77-Turbo
etag
W/"65322cde-269"
x-77-nzt-ray
4c156224ffaa0827dff66c65c143ea19
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
wallpaper.jpg
hello.fuckbook.tv/lander/sk_version9/img/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hello.fuckbook.tv/lander/sk_version9/img/wallpaper.jpg
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
213cbec58f7af275e492d60c8e470473a13316b0c9de7d9d77c625c562391373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
x-age-lb
892308
x-77-cache
HIT
x-accel-date
1700747595
content-length
54312
x-77-nzt
AsO1qhE3Nzf/lJ0NANRmOAk3Nzf/AiUAAA
x-accel-expires
@1701774921
x-77-age
901782
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
"64f8416f-d428"
x-77-nzt-ray
4c156224ffaa0827dff66c6570f8311a
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
select_arrow.png
hello.fuckbook.tv/lander/sk_version9/img/ 		333 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hello.fuckbook.tv/lander/sk_version9/img/select_arrow.png
Requested by
Host: hello.fuckbook.tv
URL: https://hello.fuckbook.tv/lander/sk_version9/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
54ac019d976973c998eb1d8a2af8619badc07e2ad8f5ffce668446fa1c49b65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/lander/sk_version9/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 03 Dec 2023 21:45:03 GMT
x-age-lb
892308
x-77-cache
HIT
x-accel-date
1700747595
content-length
333
x-77-nzt
EgwBw7WqEQH3lJ0NAAwBJRPCKAH3AiUAAA
x-accel-expires
@1701774921
x-77-age
901782
x-cache-lb
HIT
last-modified
Wed, 06 Sep 2023 09:07:59 GMT
server
CDN77-Turbo
etag
"64f8416f-14d"
x-77-nzt-ray
4c156224ffaa0827dff66c652230c01a
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hello.fuckbook.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:42:03 GMT
x-content-type-options
nosniff
age
295380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16292
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:41:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 11:42:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hello.fuckbook.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options
nosniff
age
115674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 13:37:09 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2830
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82fefe9459bf3a7a-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 21:45:03 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VSC39DNY4C&gtm=45je3bt0v894807806&_p=1701639903371&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=112026881.1701639903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701639903&sct=1&seg=0&dl=https%3A%2F%2Fhello.fuckbook.tv%2Flander%2Fsk_version9%2F%3Fsubaff2%3D895%26offerit_conversion_variables.subaff%3Df0df3f0c%26offerit_code%3DadsempireS.2.2.391.0.0.0.0.0.0.0.0%26offerit_conversion_variables._ocid%3Dbc0f962369c35aef64d38176668a58b293f964c2%26tds_cid%3Dbc0f962369c35aef64d38176668a58b293f964c2&dr=https%3A%2F%2Fempirelayer.club%2F&dt=Fuckbook%20-%20Are%20you%20looking%20for%20pleasure%3F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=272
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSC39DNY4C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 21:45:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hello.fuckbook.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/ac1bc1fa-8439-4eee-9674-0cd2a7f70d1a/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/ac1bc1fa-8439-4eee-9674-0cd2a7f70d1a/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ac5208a35ec5122df913858b874d6d7f2838319a34826f7d7bbdd5858f5b73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hello.fuckbook.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:45:03 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
746
cf-polished
origSize=3410
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
65f72f31-bbd5-43c2-ae35-dabda9e434f2
x-runtime
0.031010
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"40ee6175b36fe26b03f5db3e620aed8f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
82fefe94aa1c3a7a-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 03 Dec 2023 22:45:03 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| popWinHandler object| translation function| replace_text function| translation_available function| detect_language function| translate number| stepsNo number| currentStep string| st string| pr string| covering number| disabledElements undefined| stepsWidth string| animationType number| animationSpeed boolean| activeTab object| universalPS object| ResizeWindow function| canIanimate function| canIanimateWithErrors function| canIanimateWithEmptyInputs function| gotoStepNo function| fadeToStepNo function| transitionFadeToStepNo function| coveringFadeToStepNo function| slideToStepNo function| repositionSlides function| generateStepIcons function| getStepNumberFromClass function| makeSlider function| updateWidth function| updateActive number| regLocation number| maxNum number| minNum number| stepNr function| printFriends function| printBullets function| printPosts function| promoSidebar function| getRandomInt function| fastForwardStart function| pageTweaks function| SgmproMapper object| FuckbookConfig object| qs function| FuckbookCommonMapper function| FuckbookApi function| gtag object| dataLayer object| api string| jsvw number| adblT function| OneSignal object| Url object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| secondOffer number| __oneSignalSdkLoadCount function| __jp0 object| _boSettings object| searchParams object| oid string| y object| x

15 Cookies

Domain/Path Name / Value
ileak.click/ Name: _pk_ref.952.3ef5
Value: %5B%22%22%2C%22%22%2C1701639900%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
ileak.click/ Name: _pk_id.952.3ef5
Value: 2ecd820616fe7d8b.1701639900.
ileak.click/ Name: _pk_ses.952.3ef5
Value: 1
ileak.click/ Name: _pk_ref.1.3ef5
Value: %5B%22%22%2C%22%22%2C1701639900%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
ileak.click/ Name: _pk_id.1.3ef5
Value: d062e51bf6163d21.1701639900.
ileak.click/ Name: _pk_ses.1.3ef5
Value: 1
.hprsncflw.life/ Name: f3784ece3ea7c372100165a1cabb8f0d
Value: 1
.hprsncflw.life/ Name: 4fe4802442ae4d9e4c4f36dc57d3cd07
Value: 1
.geldpress.de/ Name: fed5c602
Value: 708
.geldpress.de/ Name: f0ffe
Value: %7B%22streams%22%3A%7B%22708%22%3A1701639895%7D%2C%22campaigns%22%3A%7B%2237%22%3A1701639895%7D%2C%22time%22%3A1701639895%7D
.seekmymatch.com/ Name: dci
Value: fef9253f29e4228787c2caeab471efe4eeffe093
seekmymatch.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42
.onesignal.com/ Name: __cf_bm
Value: 9jRHcb6WWUyPsOaSxHWwdnCCDqo3yqzwe_4W7.QVWeQ-1701639903-0-AUV+oFzoFjWBcT13xZ2lG7ZwHTwmQNWb87aZW0VGpkbbmnqZph1ayVGeGXO2Nva2nX+4M03nsWACsuGuy+kcl7g=
.fuckbook.tv/ Name: _ga
Value: GA1.1.112026881.1701639903
.fuckbook.tv/ Name: _ga_VSC39DNY4C
Value: GS1.1.1701639903.1.0.1701639903.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: http://matomo.i1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=431656&h=22&m=44&s=59&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=d062e51bf6163d21&_idn=0&send_image=0&_refts=1701639900&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=95HdLp&uadata=%7B%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13.tbond.shop
cdn.onesignal.com
empirelayer.club
fonts.googleapis.com
fonts.gstatic.com
geldpress.de
hello.fuckbook.tv
hprsncflw.life
ileak.click
matomo.i1eak.click
nwv1.i1eak.click
onesignal.com
region1.google-analytics.com
seekmymatch.com
www.googletagmanager.com
18.173.233.51
18.66.248.31
2001:4860:4802:32::36
2606:4700:3030::ac43:cc03
2606:4700:3033::6815:9a
2606:4700:3034::ac43:84eb
2606:4700::6812:d73b
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a02:6ea0:c700::19
2a06:98c1:3120::3
2a06:98c1:3121::3
0cb0096d4905ecc3cc8b7e120fdfa072eb01b572e3329f90110acc92b3f1eae2
14445e1904e02e82d60ca9fa8d23ef1a6cdf869fabaa6893d2705a1cd19b674e
1f813fa905ff1b9726cdedab6bceaa19dbddcaa9d974f25d468c06fc186c6a10
213cbec58f7af275e492d60c8e470473a13316b0c9de7d9d77c625c562391373
2f4179ea798e988a62b7461129aab5b88ddb7a93cb805b33bebbfd866ae28780
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
48ed023c883fc98a14daa0e7887a32694651229a87634262b9483eff11fb6dd7
52ac5208a35ec5122df913858b874d6d7f2838319a34826f7d7bbdd5858f5b73
54ac019d976973c998eb1d8a2af8619badc07e2ad8f5ffce668446fa1c49b65a
569412044c38c2bea3e7fe86b0adf72eb004e84abafbf4eadc951b7026a4e976
7351b540843579925e727bc51bb64216e186d00d6539256bd270f4c0812f7732
73e2c7224792905f76c1de153d5b8f09657e8edcdfd7832470cbca45446360a4
7c71d6ed5df5d69bf38e97ec679045a9c90264585b22b604f3c26c13e60b5cd5
83d620321e127757d6d2b7517c85cb8eea2c28b6eecb2330198bf16fd83419a5
8947c496429a972b5a5c81bb46c41af719a007b7bae2a4b5c3398737f3c5d2dc
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
9cb6284baf8d5785254eeffc17cf53bc32d63e7ae881dd2fef8da67c32397d8a
9fbbf200dbf021f29455b9d6d7f30684651c947c2a4efb2d25c899ba8aa0305b
a0a8b96aecc27221d9bb86b0b2387c1fd1bf23c016ee21f11b53e186f0aa2498
a616191739c34a7e06849d477f62511c9e5fba6cee3619b9974f1022b1a6b7a1
b5c84c45fbdb5bf43aadb8a801125e86fc98662426da6069704078bab9b13ecb
c107c46bb1294b24f52aefad38ca86f6debc075d096b99cc10984f2c2335dfa3
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d99f8f8498505a16d8dd93e233007c3937e2d4c9dd3eaaa4f647c378761f9791
df13b88b18295cf23f7afbc5b89f4c8b30378afee1ba0dc584cb07e90b5fd8c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b8ac018c02d7f6e1d765a5dfe8d8a231339c8c2afc59d47b6355823195507a
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec9eff91231fb2886c12a055d47ed9dd765b962cb58fe730021fbe98aa694ac5
ee8f6966cc5af322e27eb42fb1eb0fb7e6660a9b09925a5d27abb3de7da8f4f2
f0f916fe422b5082216b1ef8cf715d2c78752a703f75ede6c068e734f6ef924b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fab0ce7f6462ecb77026b7ebe9c07f478a784c00eb03160bf2ac7e9abab84e51
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ff53100e422f92848191eaa91ab97de29366d954494ca855eb90f64129477356