urlscan.io logo urlscan.io
SecurityTrails logo

narrationfile.info Open in urlscan Pro
2606:4700:3033::ac43:bee0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reurl.cc/NqmQXx
Effective URL: https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Submission: On April 22 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3033::ac43:bee0, located in United States and belongs to CLOUDFLARENET, US. The main domain is narrationfile.info.
TLS certificate: Issued by GTS CA 1P5 on April 20th 2023. Valid for: 3 months.
This is the only time narrationfile.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.239.169.132 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
easdxfgiklgvgyicuy.blob.core.windows.net
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    195.133.83.195 (Czech Republic)

ASN398343 (BAXET-GROUP, US)
youthsgrame.com
6    2606:4700:3033::ac43:bee0 (United States)

ASN13335 (CLOUDFLARENET, US)
narrationfile.info
Apex Domain
Subdomains		 Transfer
6 narrationfile.info
narrationfile.info
6 KB
4 reurl.cc
reurl.cc — Cisco Umbrella Rank: 273936
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
91 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
1 youthsgrame.com
youthsgrame.com
434 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3425
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
344 B
1 windows.net
easdxfgiklgvgyicuy.blob.core.windows.net
576 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
19 10
Domain Requested by
6 narrationfile.info 2 redirects youthsgrame.com
narrationfile.info
4 reurl.cc reurl.cc
3 connect.facebook.net reurl.cc
connect.facebook.net
2 www.google-analytics.com reurl.cc
www.google-analytics.com
1 youthsgrame.com easdxfgiklgvgyicuy.blob.core.windows.net
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 easdxfgiklgvgyicuy.blob.core.windows.net reurl.cc
1 www.facebook.com reurl.cc
19 10

This site contains no links.

Subject Issuer Validity Valid
reurl.cc
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-30 -
2023-04-30		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-03-22 -
2024-03-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
youthsgrame.com
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
narrationfile.info
GTS CA 1P5		 2023-04-20 -
2023-07-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Frame ID: 42ED0FFD2223BE8B0CAF6E65CB4A0BA2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

One moment, please...

Page URL History Show full URLs

  1. https://reurl.cc/NqmQXx Page URL
  2. https://easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/rasdzb.html Page URL
  3. https://youthsgrame.com/0/0/0/399babe8878f4d252fce3fad807b095f/21 Page URL
  4. https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL
  5. https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7716743 HTTP 302
    https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL
  6. https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=16297114 HTTP 302
    https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

19
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

5
Countries

120 kB
Transfer

386 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/NqmQXx Page URL
  2. https://easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/rasdzb.html Page URL
  3. https://youthsgrame.com/0/0/0/399babe8878f4d252fce3fad807b095f/21 Page URL
  4. https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL
  5. https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7716743 HTTP 302
    https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL
  6. https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=16297114 HTTP 302
    https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7716743 HTTP 302
  • https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
NqmQXx
reurl.cc/ 		558 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/NqmQXx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2cbbec2ec42dab10a6cdd8a830473cfff9095fb3be28a3372cc17b3f319bb3c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 22 Apr 2023 15:59:26 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/rasdzb.html
vary
Accept-Encoding
ga.js
reurl.cc/javascripts/ 		368 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/NqmQXx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/NqmQXx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:59:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-170"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 21 Apr 2024 15:59:26 GMT
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/NqmQXx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/NqmQXx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:59:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 21 Apr 2024 15:59:26 GMT
redirect.js
reurl.cc/javascripts/ 		112 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/NqmQXx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/NqmQXx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:59:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 21 Apr 2024 15:59:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Apr 2023 14:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5501
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 22 Apr 2023 16:27:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Apr 2023 15:59:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
p0pV0px3loTHYboupX4g3VxCUIyck4KI9U4caa1QxFUYtpCHxfgl3s35G1IySMtcMwWb7w5cp8ZUCDUaRR/5HQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Apr 2023 15:59:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42315
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
izuHJeZMXphfTwDvTbKE3sRBqrd3ad1FVnZ9TSAPmHA/j4aqsPAUb/9JBfHNt5mrM3memTr0fAulPGDjXRbljw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Apr 2023 15:59:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KkNL0YJmbYmgPvR9Tk57LloHcx42i+Wj9/naLtBHTeuZF40f5fIjuB3CiSUkNdn8s7pp8BLXS1938tMGaLJ2Ng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FNqmQXx&rl=&if=false&ts=1682179166552&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682179166551.1969620808&it=1682179166514&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/NqmQXx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Apr 2023 15:59:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=301831762&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FNqmQXx&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1318998451&gjid=357433492&cid=988718683.1682179167&tid=UA-102456694-1&_gid=37109426.1682179167&_r=1&_slc=1&z=1461858503
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Apr 2023 15:59:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rasdzb.html
easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/ 		173 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/rasdzb.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/redirect.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.132 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
173
Content-MD5
AZBlK5QIfokXHMuhdDzRJQ==
Content-Type
text/html
Date
Sat, 22 Apr 2023 15:59:26 GMT
ETag
0x8DB4332EF6FFA4C
Last-Modified
Sat, 22 Apr 2023 13:10:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
38eea4d1-001e-0033-1d33-750a56000000
x-ms-version
2009-09-19
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=988718683.1682179167&jid=1318998451&gjid=357433492&_gid=37109426.1682179167&_u=IEBAAEAAAAAAACAAI~&z=1644865139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 22 Apr 2023 15:59:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=988718683.1682179167&jid=1318998451&_u=IEBAAEAAAAAAACAAI~&z=767716533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Apr 2023 15:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=988718683.1682179167&jid=1318998451&_u=IEBAAEAAAAAAACAAI~&z=767716533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Apr 2023 15:59:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
21
youthsgrame.com/0/0/0/399babe8878f4d252fce3fad807b095f/ 		141 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://youthsgrame.com/0/0/0/399babe8878f4d252fce3fad807b095f/21
Requested by
Host: easdxfgiklgvgyicuy.blob.core.windows.net
URL: https://easdxfgiklgvgyicuy.blob.core.windows.net/aerzydfuxd/rasdzb.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.133.83.195 , Czech Republic, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://easdxfgiklgvgyicuy.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
141
content-type
text/html; charset=UTF-8
date
Sat, 22 Apr 2023 15:59:27 GMT
server
Apache
/
narrationfile.info/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Requested by
Host: youthsgrame.com
URL: https://youthsgrame.com/0/0/0/399babe8878f4d252fce3fad807b095f/21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:bee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://youthsgrame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-edge-cache
no-cache
cf-ray
7bbf12f8fa7bbb43-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Apr 2023 15:59:28 GMT
last-modified
Saturday, 22-Apr-2023 15:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLUMRdTIbevG5HPSZtv6T5vkaW78o9%2BFdaf6%2F27%2F9BhROZCqttZz8B%2F%2BGGZXADiwh4UF6lSMW47FKrs6PWn%2FCqDqvp%2Bnd5zlNZOGr%2B%2BBHJy3FKM798yfE0CcylelVtyIYWHCJpETxiaUvsmR52Gh7ME%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
narrationfile.info/
Redirect Chain
  • https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7716743
  • https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f16aedef655f53b697cc8bee4dda38b6b40246fb945309545492ea3fa892f86

Request headers

Referer
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-cache-status
DYNAMIC
cf-edge-cache
no-cache
cf-ray
7bbf12fdc97e3623-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Apr 2023 15:59:29 GMT
last-modified
Saturday, 22-Apr-2023 15:59:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcpKSv5uooRad0L23Pe37f9nQfwDhcSA90EHhoTE7zPLCIx0QU8v1hxyhtoP66Cxr8vkIpNnw%2BUi%2FI%2BWCzInFf9b2yGjUX4fgEta%2FtcuNdC6S%2F4QeEjhn%2Fv1Shl17MAplC4HuPmPTWaBrwM4C26QG4E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bbf12fb6e8abb43-FRA
content-type
text/html
date
Sat, 22 Apr 2023 15:59:28 GMT
location
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBDkZn17mHvgim07a6KtSAuOXcaFQyfjBBrfKeyr9SC5WqNBZtFlYTXNG%2FSiln9AIV%2BJ117BHOTsfJwpeYsv1%2FxGZVpsnHnGJLfQd5svAS%2BjWf5Q4%2BGq46YKBgtBdFKvZ0FhYPQEfjJDus%2FD1maXmKk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
narrationfile.info/
Redirect Chain
  • https://narrationfile.info/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=16297114
  • https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b30da96625d7d21edec12c81f5e00a6f088ad45685dfecee997568e09ab6469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bbf13029f873623-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 22 Apr 2023 15:59:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Syx3m0DvWxRh0m50%2BIfMrGsaoKMDmk%2F3xmj7%2FtD8GrhuvC%2BmPEjwZ1Qprn%2BJidjzxdq0gIZ45PnIUt3kKf9OZzYigpnEJ4t6shVzl%2BQ%2FZOxsFUFIeeQL%2FXwwjRzfstqLcRPi0rUtbWdx%2B%2F%2BYxSL2U18%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bbf13002c7e3623-FRA
content-type
text/html
date
Sat, 22 Apr 2023 15:59:29 GMT
location
https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ir1NIC2bO4euOIDjnSJJ6lWBQgQNTUT8H0O5lm1dK9Ot6HQzspighfZxnEmlKlc1CB4wBvwItJABIfEIigoUrOY79R7k5LkfIyaXtMVFFu6egs13vKZnilMhCUu2CyI%2FTa1a6IL%2FRQySzCqcrql27U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
0e7606232c9f06942c1d6e09effb3b69
narrationfile.info/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://narrationfile.info/0e7606232c9f06942c1d6e09effb3b69?_ax=w
Requested by
Host: narrationfile.info
URL: https://narrationfile.info/?s1=351585&s2=970419052&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:bee0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e97803f3bdfbe18460e4c6c1bc60c4346fe9b6ca15791c88143715366822a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrationfile.info/0e7606232c9f06942c1d6e09effb3b69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cf-edge-cache
no-cache
date
Sat, 22 Apr 2023 15:59:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Saturday, 22-Apr-2023 15:59:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTTNe%2B1BeGTFK7OrsE7RHrv8eLBMl%2F%2FM2nXp4nFpnCU816RolJP633PM0LvsqmFWjc%2BQhovy47cs0JW063u1mXXtTsRrU3Gs1i9CQXNjOomZeCcwpFDqnSBJlkSC7H8bxg0QNfYmUxz%2FM%2FRLhVRCMPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-ray
7bbf1305fbc93623-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| _0x4eba function| _0x3ccf

7 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1682179166551.1969620808
.reurl.cc/ Name: _ga
Value: GA1.2.988718683.1682179167
.reurl.cc/ Name: _gid
Value: GA1.2.37109426.1682179167
.reurl.cc/ Name: _gat
Value: 1
youthsgrame.com/ Name: uid1782
Value: 970419052-20230422115927-e50a949fed4ebf36146214dff3293425-0
.narrationfile.info/ Name: wschkid
Value: e445c64401f0d73781ffd1ef94c1b31c2111b096.1682265569.1
narrationfile.info/ Name: PHPSESSID
Value: 94469d6924c1faf4ddff13b9a89b9f1a