urlscan.io logo urlscan.io
SecurityTrails logo

returnofthelegend.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://returnofthelegend.com/
Effective URL: https://returnofthelegend.com/
Submission: On October 25 via api from KR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 8 countries across 28 domains to perform 107 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is returnofthelegend.com.
TLS certificate: Issued by WE1 on October 7th 2024. Valid for: 3 months.
This is the only time returnofthelegend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 188.114.96.3 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
2 172.217.18.10 15169 (GOOGLE)
2 13.32.99.31 16509 (AMAZON-02)
1 199.232.192.193 54113 (FASTLY)
14 34.192.136.208 14618 (AMAZON-AES)
2 142.250.186.110 15169 (GOOGLE)
2 88.85.69.212 35415 (WEBZILLA)
2 192.243.59.12 39572 (ADVANCEDH...)
5 142.250.185.227 15169 (GOOGLE)
1 172.217.16.200 15169 (GOOGLE)
2 45.133.44.2 39572 (ADVANCEDH...)
1 216.239.32.36 15169 (GOOGLE)
4 104.26.3.51 13335 (CLOUDFLAR...)
3 151.101.1.229 54113 (FASTLY)
6 104.26.8.169 13335 (CLOUDFLAR...)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 51.89.9.254 16276 (OVH)
1 3.161.82.64 16509 (AMAZON-02)
3 23.213.164.238 16625 (AKAMAI-AS)
3 163.5.194.30 60558 (SECUREDSE...)
3 185.255.84.150 200271 (IGUANE-)
3 52.213.147.110 16509 (AMAZON-02)
3 52.30.35.77 16509 (AMAZON-02)
2 119.63.193.220 38627 (BAIDUJP B...)
2 151.101.129.44 54113 (FASTLY)
1 104.18.23.145 13335 (CLOUDFLAR...)
4 54.158.242.97 14618 (AMAZON-AES)
1 169.150.255.184 60068 (CDN77 _)
2 163.5.194.37 60558 (SECUREDSE...)
2 18.245.31.106 16509 (AMAZON-02)
2 185.255.84.152 200271 (IGUANE-)
107 33
23    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
returnofthelegend.com
1    151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net
fonts.googleapis.com
2    13.32.99.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-31.fra60.r.cloudfront.net
cdn.purpleads.io
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
14    34.192.136.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-136-208.compute-1.amazonaws.com
api.purpleads.io
2    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
www.google-analytics.com
2    88.85.69.212 (Netherlands)

ASN35415 (WEBZILLA, NL)
vengeful-egg.com
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
warlockstallioniso.com
5    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net
www.googletagmanager.com
2    45.133.44.2 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.disfigured-survey.pro
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    104.26.3.51 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.prplads.com
3    151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    3.161.82.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-64.fra56.r.cloudfront.net
hb.360yield.com
3    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    163.5.194.30 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)
prebid.a-mo.net
3    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    52.213.147.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-147-110.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
3    52.30.35.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-35-77.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
2    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
4    54.158.242.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-242-97.compute-1.amazonaws.com
carbon-nv.servenobids.com
1    169.150.255.184 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 298300181.fra.cdn77.com
topics.authorizedvault.com
2    163.5.194.37 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)
prebid.a-mo.net
2    18.245.31.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-106.fra56.r.cloudfront.net
public.servenobid.com
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
Apex Domain
Subdomains		 Transfer
23 returnofthelegend.com
returnofthelegend.com
402 KB
16 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 289892
api.purpleads.io — Cisco Umbrella Rank: 82515
39 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 3596
23 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2764
public.servenobid.com — Cisco Umbrella Rank: 5182
2 KB
5 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4000
visitor.omnitagjs.com — Cisco Umbrella Rank: 806
992 B
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 777
238 B
5 gstatic.com
fonts.gstatic.com
74 KB
4 servenobids.com
carbon-nv.servenobids.com — Cisco Umbrella Rank: 35130
738 B
4 prplads.com
cdn.prplads.com — Cisco Umbrella Rank: 137486
138 KB
3 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3523
1 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 557
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
2 popin.cc
api.popin.cc — Cisco Umbrella Rank: 8842
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
2 disfigured-survey.pro
www.disfigured-survey.pro
31 KB
2 warlockstallioniso.com
warlockstallioniso.com — Cisco Umbrella Rank: 784525
2 vengeful-egg.com
vengeful-egg.com
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 6514
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1583
239 B
1 360yield.com
hb.360yield.com — Cisco Umbrella Rank: 7228
1 openx.net
pa.openx.net — Cisco Umbrella Rank: 3256
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
97 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8556
125 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
33 KB
0 onesignal.com Failed
cdn.onesignal.com Failed
107 28
Domain Requested by
23 returnofthelegend.com returnofthelegend.com
14 api.purpleads.io cdn.purpleads.io
6 script.4dex.io cdn.prplads.com
script.4dex.io
5 prebid.a-mo.net cdn.prplads.com
5 fonts.gstatic.com fonts.googleapis.com
4 carbon-nv.servenobids.com cdn.prplads.com
4 cdn.prplads.com cdn.purpleads.io
3 ads.servenobid.com cdn.prplads.com
3 hb.minutemedia-prebid.com cdn.prplads.com
3 hb-api.omnitagjs.com cdn.prplads.com
3 ads.pubmatic.com cdn.prplads.com
3 cdn.jsdelivr.net cdn.prplads.com
2 visitor.omnitagjs.com cdn.prplads.com
2 public.servenobid.com cdn.prplads.com
2 cdn.taboola.com cdn.prplads.com
2 api.popin.cc cdn.prplads.com
2 onetag-sys.com cdn.prplads.com
2 www.disfigured-survey.pro vengeful-egg.com
2 warlockstallioniso.com returnofthelegend.com
2 vengeful-egg.com returnofthelegend.com
vengeful-egg.com
2 www.google-analytics.com returnofthelegend.com
www.google-analytics.com
2 cdn.purpleads.io returnofthelegend.com
2 fonts.googleapis.com returnofthelegend.com
cdn.purpleads.io
1 topics.authorizedvault.com cdn.prplads.com
1 cadmus.script.ac script.4dex.io
1 hb.360yield.com cdn.prplads.com
1 pa.openx.net cdn.prplads.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 i.imgur.com returnofthelegend.com
1 code.jquery.com returnofthelegend.com
0 cdn.onesignal.com Failed returnofthelegend.com
107 32

This site contains no links.

Subject Issuer Validity Valid
returnofthelegend.com
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.purpleads.io
Amazon RSA 2048 M02		 2024-08-30 -
2025-09-27		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
vengeful-egg.com
E6		 2024-10-06 -
2025-01-04		 3 months crt.sh
warlockstallioniso.com
R10		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.disfigured-survey.pro
R10		 2024-10-23 -
2025-01-21		 3 months crt.sh
prplads.com
WE1		 2024-10-01 -
2024-12-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
script.4dex.io
WE1		 2024-09-21 -
2024-12-21		 3 months crt.sh
pa.openx.net
WR3		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
improvedigital.com
Amazon RSA 2048 M02		 2024-02-04 -
2025-03-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.a-mo.net
R11		 2024-09-02 -
2024-12-01		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-02 -
2025-08-01		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M03		 2024-03-18 -
2025-04-17		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2024-03-29 -
2025-04-27		 a year crt.sh
*.popin.cc
Secure Site Pro CA G2		 2024-09-23 -
2025-10-24		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
script.ac
E5		 2024-10-19 -
2025-01-17		 3 months crt.sh
carbon.servenobid.com
Amazon RSA 2048 M02		 2024-05-13 -
2025-06-11		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh

This page contains 22 frames:

Primary Page: https://returnofthelegend.com/
Frame ID: 76F5FC0C7928ABA8BDC7A46C53668B7E
Requests: 52 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2024-08-21.js
Frame ID: D6112789BB81D4AC4BAF5A29CC2F172B
Requests: 9 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2024-08-21.js
Frame ID: AA9E1B08697918ECCF5D15533F93C854
Requests: 9 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 421C3DE047DED9E091EE9A451AA450BC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: 908449F478DBBDE6D7F243491AF7FDEC
Requests: 1 HTTP requests in this frame

Frame: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Frame ID: EAABA5A4D39EF2A5BC146CC6C741C089
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: E042D8BFA563AE56B469356FB67D859D
Requests: 1 HTTP requests in this frame

Frame: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Frame ID: 24EE94F56006A429D6BC4366F7496AB7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Frame ID: A93D3B5B46B0BB830790A3C80B859006
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: F10B4A9DDF9AF9BF4F88FC1CA25EC029
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: 597BD0203938D38317DE968E76C594E2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 804C89656FCB821AD14E3CB356F18F4F
Requests: 10 HTTP requests in this frame

Frame: https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Frame ID: 3455FE2D0407C58400D18B8EDBE51CB5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 82B7D5FA8BF64DD791625BDD3D7A7DAD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Frame ID: 1DD5C42828EACE9CF11629A6B1FFC8BB
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 98620A7BA5896A689822E7D17D63DD28
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: C1B1C9A396962E36457E2F4CDD4E5AB2
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 45A60EA408CAB822471DCE0409D55BFB
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: 6B35AA9F5CC35090E5DFD60430C58BF8
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 5A45FEEDA74FF26FFFB43A5E6347E0F3
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: FDE342D99A18E2DD8FA656B185554DA8
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: A85EBBDD62391759AA62DF79094B3A05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read Return of the Legend - [English Version]

Page URL History Show full URLs

  1. http://returnofthelegend.com/ HTTP 307
    https://returnofthelegend.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

107
Requests

99 %
HTTPS

0 %
IPv6

28
Domains

32
Subdomains

33
IPs

8
Countries

1006 kB
Transfer

3398 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://returnofthelegend.com/ HTTP 307
    https://returnofthelegend.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
returnofthelegend.com/
Redirect Chain
  • http://returnofthelegend.com/
  • https://returnofthelegend.com/
167 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c0a22ec93885be5db5a5364c034cbeb0b7e81d9ee94a1d8f350bad2706b215

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d8034b869a86722-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 06:38:50 GMT
link
<https://returnofthelegend.com/wp-json/>; rel="https://api.w.org/", <https://returnofthelegend.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://returnofthelegend.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0bCnB2jhUqW4vQDa0NzPYMLPv4c2k%2FeM83Af3YohMS91KNDZFTUjCLBKk7h%2BZNf1xNQ5BD06YWzXEvpp6%2F2dO3wbnmpr0EXxEfDXdhoq4QTzntsAPvCbuY00LLPAeW7aFBxQwogxm0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=12901&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4181&recv_bytes=4492&delivery_rate=730&cwnd=12000&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=679&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Location
https://returnofthelegend.com/
Non-Authoritative-Reason
HttpsUpgrades
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
etag
"28feccc0-176d5"
age
852801
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
60094, 3177
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21975-LGA, cache-ams21049-AMS
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729838330.414905,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
33318
server
nginx
style.min.css
returnofthelegend.com/wp-includes/css/dist/block-library/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uh5ESsMcz0pTsup32v8F1ao6zrCKcbRm3iswcoh96mzL2qQBDTDk8mX4a4cwRxijNcYEy4UDmiRfg7kEJPCVNIpNZ86S2Gq%2FGkNPz2osqBMBsu3GQfMTMI8e%2Fn%2F8P48MQEgpqFV8DwU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bceda26722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=84&recv=43&lost=0&retrans=0&sent_bytes=79692&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=812&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 29 Mar 2024 13:22:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
frontend.css
returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/css/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYVEOiwm%2FgzWYl86CreCe9ts8jJNbaEwp1FvAmdtoov%2Bd0FLbJYeYN6wasXWEjjjCezOLQ%2BxPX1pujjgStGllKKzY8JIHaWX%2FdKZAeAFsKMLj1g6gD2rdFvmAQxyvr%2FO4wY0%2FWckHJk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bceda36722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=819&x=1", cfExtPri, cfHdrFlush;dur=5
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
bootstrap.css
returnofthelegend.com/wp-content/themes/Ifenzi/css/ 		119 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6HZUa9lCAB3%2FNhusgZINJtD8mzIIC2zyGrTrbxgyL4v0rFEWWvlVdZaftyfsFytBklRLYHJFksxNq8Kek7B2gdssYw25ZUAlvPrsAAZwk%2FCcIxaeEfDrnefhbKC5LMHUI8uvZHMA5g%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=124948
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=65&recv=43&lost=0&retrans=0&sent_bytes=57982&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=811&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bceda56722-AMS
server
cloudflare
style.css
returnofthelegend.com/wp-content/themes/Ifenzi/ 		23 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/style.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woVMUBb12u3nHfV0VbS8a9Nkt3uH%2FRV3e5bF%2F%2B42KuuvDbooZAVUd%2FbB%2BVspvaL5NCWDAOEatjIzQUKYP0WGGrA04AlcRNhFFd4ed2pxxVtNzcsjh8vU2qa%2B6kJwPCWie1KPvpD%2BJls%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=24746
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=822&x=1", cfExtPri, cfHdrFlush;dur=2
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bceda96722-AMS
server
cloudflare
font-awesome.min.css
returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BQpgoVCTfaajopcXqISMqz2dAoAYu9ZLyMM6TDOHFI83H1y41pCqEJuQh%2BP2aY62jy5VoxFkOxwcuNGuJlquLq28GoLUk%2F2Mq5iE2X1jI59kGdYvl%2FpuM6mYfiMTGVTtWsoNx2W3eI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bcedaa6722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=818&x=1", cfExtPri, cfHdrFlush;dur=6
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
f14eb4e20a27b4ae0b12f50026c3245a80eea835f8a30c7dedc44e76f9b4b178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 06:38:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 25 Oct 2024 06:38:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
easy-social-share-buttons.min.css
returnofthelegend.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 		71 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIlFwu5%2FLcWefnyoR5SDHdRwUmA%2BwlSRMlSZRlcb6A3QKCZjE2mWfREUECJZRkNiOfTsrT%2Fxtt%2B87Vi3YoETQMscQz0tJ9qVVbXIkPHVP%2FdQI8JQULscR3Mwo0MJVjCA9OlPjl%2BN4zk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bcedab6722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=822&x=1", cfExtPri, cfHdrFlush;dur=2
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 18 Sep 2023 19:30:17 GMT
vary
Accept-Encoding
priority
u=0,i=?0
jquery.min.js
returnofthelegend.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yip2bP6tcuEsY%2BPJ7uApNnwWYEUimhR212DUqHwyW1u1bKRR8vH7ZCh0XmvonmJJSI%2BLudRfERX5RU9%2Fo%2BzWisgVrcbGTUGq55A%2F9JUosP%2FWOwl175BHrh%2BlQT3nkYiygRjpk7CZm5o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bcedad6722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=815&x=1", cfExtPri, cfHdrFlush;dur=9
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 29 Mar 2024 13:22:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
dark-mode.js
returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/js/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQzjhkNG2OXXj6ObSC9d81I0PH2Vj6cEdglqISQQdTP6ZBaX1%2B52PVW15LFR%2BALSZwpv5FJf78yGj9Ev0cqKAOLryK4bjZx065hVTJPZeDQzGlKB%2B3jfxbi1v6hf06KuPpYw%2F%2Bw0tGc%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=183317
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13855&sent=90&recv=43&lost=0&retrans=0&sent_bytes=86782&recv_bytes=8595&delivery_rate=1780327&cwnd=28800&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=817&x=1", cfExtPri, cfHdrFlush;dur=7
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bcedaf6722-AMS
server
cloudflare
agent.js
cdn.purpleads.io/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
149254751538153a2d4fb2afab52d948f6edab789f64adf2a91d7cf25a985250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
etag
"40d73066d67ab868d57b46d4c334cfcd"
age
15838
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
21970
x-amz-cf-id
fvET7t61cs5nJQlR45NbDPSlDiBZcq0DeyiBGq5RhXMF0K9cxeWqYw==
date
Fri, 25 Oct 2024 02:14:52 GMT
content-type
application/javascript
last-modified
Sun, 15 Sep 2024 08:21:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
load.js
cdn.purpleads.io/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a9cc6357bbbc09f9d146b88b366955ea66d2b7544d29c95130c49fe88fc3b7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
etag
"92cc94c70d131767c87668c5efff89d3"
age
22300
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
12145
x-amz-cf-id
QbvzLvzOlY2XN-EJ_uyMoUGAFixkrIDGUQKvliPLQ8nyHQ6W4c29ow==
date
Fri, 25 Oct 2024 00:27:14 GMT
content-type
application/javascript
last-modified
Wed, 26 Jun 2024 08:53:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
CjVcvxT.png
i.imgur.com/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/CjVcvxT.png
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d84d0b11a13eb74fd1b784a6eefa221091eb2d7ebf2c3b3aa09c236290c9010a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

etag
"10bb27a4ce28ae2338039af3dc1c3a47"
age
314425
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
EhgzgtJtUXmEr15w6A0hRMSXzUYzPevEWUPnRGFP6iL7MimJb9wlBA==
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
image/png
last-modified
Sat, 29 Jan 2022 22:33:37 GMT
x-cache-hits
13, 0
x-served-by
cache-iad-kiad7000088-IAD, cache-ams2100105-AMS
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729838330.442343,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
127283
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
icons.css
returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae14daa4ab308754319a11408e6ecd99ea0aa94bac94d06433c58b11c8c657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kGIcM7mfoyaX7E4zjB60YXGn31nGYWzX72FHSAodDqm7vTcoCb0V%2BnmRe3rZsZ6JdMbcXT2LD2TvhbfJqoUv53%2FLFyEgbiPgxJ9JdDc52mvO5VJGKlWkrvwFZNMuLKAXgcm9rvfYRfw%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=37015
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13485&sent=141&recv=55&lost=0&retrans=0&sent_bytes=142092&recv_bytes=9121&delivery_rate=334363&cwnd=56400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=835&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 10 Aug 2024 15:16:42 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bd0dcb6722-AMS
server
cloudflare
shortcodes.css
returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		44 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bfc362d61a36174f9e4ef410adee1288b2a9afc839586ed871949c96f7fa0dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCyUZ1TrF8XUjv612hZpLuw3nKXs6qmexN6HgLO3hHoQqvxEepoP8Yyveb0y2CdeyX01sR8KozKBOCmOV%2FZPdgg84aWzEYtr9hFTXXJm3hxLp7BPFpLQAD9RYEDLS6je9Xjh4NHnHh4%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=45247
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14146&sent=195&recv=82&lost=0&retrans=0&sent_bytes=199076&recv_bytes=13135&delivery_rate=4273284&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=916&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 10 Aug 2024 15:16:42 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bd9e496722-AMS
server
cloudflare
underscore.min.js
returnofthelegend.com/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-includes/js/underscore.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=maFFUoqHg0hAiFflfmCLnZdgqOCznpemKwnuCnTxO6T554QSoslvY%2BBWi2UIJ94oihEAMFAYux6mo7crlW2c6OH0Q%2FicWXffEuvWuAuknQwCB%2FCOpxGC3Gy05JYQMrWrUSh9qsseDv4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bd9e546722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14146&sent=203&recv=82&lost=0&retrans=0&sent_bytes=208181&recv_bytes=13135&delivery_rate=4273284&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=926&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 29 Mar 2024 13:22:36 GMT
vary
Accept-Encoding
priority
u=2,i=?0
wp-util.min.js
returnofthelegend.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-includes/js/wp-util.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWwsUZllIdX21snDnZU%2FLZtHKFvnpWbah5PLLWho1KYXfIUJ39K6GkYqD1sx%2B75tNtigrI66aWknQD72ocUMHLELRSc7JH%2BEkFatTQg8uHqcaMJcihyIV48YtXwPM%2BvxhfVxuHFr%2BD4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe736722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13988&sent=211&recv=83&lost=0&retrans=0&sent_bytes=216678&recv_bytes=13180&delivery_rate=119666&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=938&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 29 Mar 2024 13:22:36 GMT
vary
Accept-Encoding
priority
u=2,i=?0
frontend.min.js
returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXWqT7oJZr9vHh5cHGAe%2B3jW5wylVCFwm2JZxBfNrK1Unm3sglljiKULdkLYb7v7xurQCH6sdicBL9ENQHNsu6dantq4QJMvq0f6a09VU8esV2bIE%2FtWMoPRifl1oeXLIpR0gmHiSe4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe776722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13861&sent=215&recv=84&lost=0&retrans=0&sent_bytes=220229&recv_bytes=13225&delivery_rate=231341&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=943&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:45 GMT
vary
Accept-Encoding
priority
u=2,i=?0
bootstrap.js
returnofthelegend.com/wp-content/themes/Ifenzi/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fw6theigof68eFw10vLNe7tNPmnTzm04ANwJwxtsTKu8vWu%2FFj9EckDUEAoO7ZX66Np3td0j7ofhRAc53q0gFBFcpdsPFVxwAkTRlMwSb3tmSeP3Z3VFis1GUuk6iDH0TmoEgHXbbK8%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=36790
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13861&sent=231&recv=84&lost=0&retrans=0&sent_bytes=237489&recv_bytes=13225&delivery_rate=231341&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=948&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe786722-AMS
server
cloudflare
skip-link-focus-fix.js
returnofthelegend.com/wp-content/themes/Ifenzi/js/ 		588 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNdvaATdKY6jMDlC4pYPIBjvk3upw3b%2B%2BFm%2BkENE4pUaToSm39msCIcLVXOOuRfOz3PuJrBFP9dqibS%2B9s4j5qs%2FQTjjMs4z8A833u7wYEMoG2o9%2B6r4GtfovzhbRFRK8w93D%2B4R0bI%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=751
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13988&sent=214&recv=83&lost=0&retrans=0&sent_bytes=219216&recv_bytes=13180&delivery_rate=119666&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=942&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe7a6722-AMS
server
cloudflare
lighthouse.js
returnofthelegend.com/wp-content/themes/Ifenzi/js/ 		1010 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNTk30KMXMSvRwuFzMIk%2FhPeVk9K4vb4ayiEw%2FadVqhg%2BkXlX2KbGAi61pV%2BRGA8wRBlFu8I6IC29ZwJP%2FIHdIF2unwlH8Qd%2Fn3%2F1qLULb53GNDGYfqk3XsFXqewFCPC6az7Avp%2B0UI%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=1100
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13988&sent=213&recv=83&lost=0&retrans=0&sent_bytes=218131&recv_bytes=13180&delivery_rate=119666&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=939&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe7b6722-AMS
server
cloudflare
OneSignalSDK.js'%20async='async
cdn.onesignal.com/sdks/ 		0
0
index.js
returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57ab89d7c7ceb5096dd538890be2edc1b23ec6ed387db466f5badb727d7a401

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjylQfhZAw%2F%2FY54pD8YWel9WM0taPpjSeVHnbKYvj246Ekx35VsOJDG1i7%2FGSLwWxvm6QFT8XR2WDF009mIYTWEd894mPltViEMWV52QxZJHvJz%2BYEbc8jkA8l0UmvO8yK7CP6SX3U0%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=15247
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13861&sent=217&recv=84&lost=0&retrans=0&sent_bytes=222565&recv_bytes=13225&delivery_rate=231341&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=945&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 10 Aug 2024 15:16:42 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe7c6722-AMS
server
cloudflare
2566c291e59e185c12a331fef1e235f3.js
returnofthelegend.com/wp-content/easysocialsharebuttons-assets/compiled/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f28cd857cd097e2af1133e7564e7893f0357a1699320f620b1eed60ea156b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxuDBlqM2uNSMVRMldRPyQFqbnROmiF2VybGdGf48XckHPfOR3sHc%2FrlKnpg5Y2eu15yi51HBliKIgdn9JEaLBtBibwbUyXO03n4ssXArQXRw1VU58ZKCi9uX1sEwgC8IOu82U3iMpo%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=35712
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13861&sent=222&recv=84&lost=0&retrans=0&sent_bytes=227658&recv_bytes=13225&delivery_rate=231341&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=945&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sun, 29 Jan 2023 17:28:57 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe806722-AMS
server
cloudflare
lazyload.min.js
returnofthelegend.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGWFW7H7U93PT2BqEC%2FiRo1o9WwgPmEuuUIeFimd7RdYVHgsLZ4rwr1nOp5XqK7U2xZ2%2BApA5eKPc%2FMUOEIFHbeTOKPIAodtYMmkd2Qd7utiLPne9BE9NdRA72taRjDEkDc%2ByrfwvbE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034bdbe826722-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13708&sent=241&recv=85&lost=0&retrans=0&sent_bytes=248524&recv_bytes=13269&delivery_rate=146923&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=955&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Jan 2022 17:17:45 GMT
vary
Accept-Encoding
priority
u=3,i=?0
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=de3014226e2246e986d4731dd854e34b&ts=1729838330509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:50 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
age
4355
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 07:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
f
api.purpleads.io/x/v2/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=de3014226e2246e986d4731dd854e34b&ts=1729838330509
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash
34038745144c898a7e2a4e65a224e2c67a0427f572ca5d2aaf7380f7a976d4e0

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
3.0.0

Response headers

access-control-expose-headers
pa-user-id
content-encoding
br
etag
W/"b18-lHwLCW1m2py4y8LK44Vyvudhnpk"
access-control-allow-credentials
true
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
TxMSyw
vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
88.85.69.212 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
1278255503a65a6fbbb34582a1d0fa44abd1ac7c3956c674628ce133d4b50831
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials
true
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin
*
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 25 Oct 2024 06:38:50 GMT
access-control-allow-headers
Content-Type
invoke.js
warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://returnofthelegend.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 25 Oct 2024 06:38:50 GMT
Content-Type
application/javascript
Host
warlockstallioniso.com
Server
nginx/1.19.5
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1729838330567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:50 GMT
init
api.purpleads.io/x/ 		103 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1729838330567
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash
0af17552baaa71e1bc34e64cb3dfe4c4ea1b09d2d04ec9204d7484942f6d64ae

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
4.0.3

Response headers

access-control-expose-headers
pa-user-id
etag
W/"67-CcJt0qMHWKyL2C/UEiCU1N+2ZoY"
access-control-allow-credentials
true
access-control-allow-origin
https://returnofthelegend.com
content-length
103
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://fonts.googleapis.com/

Response headers

age
223570
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:32:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:32:40 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://fonts.googleapis.com/

Response headers

age
223838
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:28:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:28:12 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://fonts.googleapis.com/

Response headers

age
224330
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:20:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:20:00 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		15 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=79310485&t=pageview&_s=1&dl=https%3A%2F%2Freturnofthelegend.com%2F&ul=nl-nl&de=UTF-8&dt=Read%20Return%20of%20the%20Legend%20-%20%5BEnglish%20Version%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1918520574&gjid=1522735448&cid=1238284381.1729838331&tid=UA-206363258-25&_gid=119850237.1729838331&_r=1&_slc=1&z=1957123728
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
71013898faa1cb06ea344067de4048cf646772d96da72a4644af4348a2ac0a7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://returnofthelegend.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 06:38:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://returnofthelegend.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		275 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1PSYPS0MQ6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e63fb9c096ffb920c1620f83b49f1c55264ccd2fab90a72fe2418b98927d3f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 06:38:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99002
x-xss-protection
0
server
Google Tag Manager
9da5edbfea90.js
www.disfigured-survey.pro/ecc874/ 		69 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.disfigured-survey.pro/ecc874/9da5edbfea90.js
Requested by
Host: vengeful-egg.com
URL: https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4318f6b0f340d709e097317ab9d4d3887be5ff1aff959fa2d324ce90486c2bc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

cache-control
max-age=172800
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
Sun, 27 Oct 2024 06:38:50 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
application/javascript; charset=utf-8
server
nginx
x-cdn-host-id
ah1004
access-control-allow-headers
Content-Type
9da5edbfea90.js
www.disfigured-survey.pro/ecc874/ 		69 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.disfigured-survey.pro/ecc874/9da5edbfea90.js
Requested by
Host: vengeful-egg.com
URL: https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.2 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4318f6b0f340d709e097317ab9d4d3887be5ff1aff959fa2d324ce90486c2bc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

cache-control
max-age=172800
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
Sun, 27 Oct 2024 06:38:50 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
application/javascript; charset=utf-8
server
nginx
x-cdn-host-id
ah1004
access-control-allow-headers
Content-Type
YG2Hx-p.ZJWK5L0MZ_GOFP0QYRT-9TyUcVmWl_kYPZTaEb2-MdTeFfkgY_miMj0kYlm-JnjoYpTqk_1sMtWuRvl-MxjyRzjAN_WCID2EOFT-dHkIYJTKg_wMNNGOMP5-
vengeful-egg.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vengeful-egg.com/YG2Hx-p.ZJWK5L0MZ_GOFP0QYRT-9TyUcVmWl_kYPZTaEb2-MdTeFfkgY_miMj0kYlm-JnjoYpTqk_1sMtWuRvl-MxjyRzjAN_WCID2EOFT-dHkIYJTKg_wMNNGOMP5-
Requested by
Host: vengeful-egg.com
URL: https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
88.85.69.212 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://returnofthelegend.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options
nosniff
expires
Mon, 26 Jul 2011 05:00:00 GMT
content-length
0
date
Fri, 25 Oct 2024 06:38:50 GMT
server
nginx
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1PSYPS0MQ6&gtm=45je4al0v9111183728za200&_p=1729838330630&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101823848&ul=nl-nl&sr=1600x1200&cid=1238284381.1729838331&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Freturnofthelegend.com%2F&dt=Read%20Return%20of%20the%20Legend%20-%20%5BEnglish%20Version%5D&sid=1729838330&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1172
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1PSYPS0MQ6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://returnofthelegend.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 06:38:50 GMT
content-type
text/plain
server
Golfe2
invoke.js
warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://returnofthelegend.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 25 Oct 2024 06:38:50 GMT
Content-Type
application/javascript
Host
warlockstallioniso.com
Server
nginx/1.19.5
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://fonts.googleapis.com/

Response headers

age
284115
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 23:43:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 23:43:35 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14160
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://returnofthelegend.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MykFgyKDTU5zAFl4Mv1nQaLuE3qkx1cVYnX%2F%2BjgeXD9DAMOyn4v0YiS6HFfW17CPyWB%2Fv9cngjjO9RcnkLwQic4q432Y%2BiJqVnXMUPT4eoNmYpMfG7gJ5vWYarZMxWs5ENflZPTpBmg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034c0e9b56722-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13400&sent=307&recv=91&lost=0&retrans=0&sent_bytes=326417&recv_bytes=14478&delivery_rate=1848808&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=1459&x=1", cfExtPri, cfHdrFlush;dur=10
content-length
56780
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
font/woff2
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
forkawesome-webfont.woff2
returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by
Host: returnofthelegend.com
URL: https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://returnofthelegend.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNmNioO8lPKSuKiBbDPCEgDVv6kwGTt1tiNFRlVIPiT8VTtIwh1wWCfUWv8QMMVf4WXv%2FS2v09nuiLKCWLTJ5bRaaRdKyavzOVt3yLska9Cxtd6JOew8lUQ2pRpffY0MsrMw9sBPHKo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034c0e9b66722-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13400&sent=245&recv=91&lost=0&retrans=0&sent_bytes=252017&recv_bytes=14478&delivery_rate=1848808&cwnd=74400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=1456&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
109916
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
font/woff2
last-modified
Sat, 10 Aug 2024 15:16:43 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cropped-IfenziMangaFavicon-32x32.jpg
returnofthelegend.com/wp-content/uploads/2020/05/ 		907 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://returnofthelegend.com/wp-content/uploads/2020/05/cropped-IfenziMangaFavicon-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79f2a244a0425c9b4629be09b808e4e7f61c5b292dcf84b91ab73f34a997d62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2nOjPJq3AEbg9CAQ93zTq7BkJJGcO3NMZehT2lD8zc9LRYMgL4MdgRB1Ji0dhLd39tk5fWqYvCs3jCQaWQEyfYwWLsj3VvTkQD4Ll3IyNRJ0yYuu93H61%2BxW7ah5LbFLq%2BM60hBW2w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8034c1ca786722-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13467&sent=390&recv=108&lost=0&retrans=0&sent_bytes=423932&recv_bytes=15684&delivery_rate=1339958&cwnd=134400&unsent_bytes=0&cid=d805c5769f1ff3b5&ts=1596&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
907
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
image/jpeg
last-modified
Sat, 29 Jan 2022 17:17:44 GMT
vary
Accept-Encoding
priority
u=1,i
agent.js
cdn.prplads.com/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
149254751538153a2d4fb2afab52d948f6edab789f64adf2a91d7cf25a985250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"40d73066d67ab868d57b46d4c334cfcd"
age
5445
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9qng62rjFjfa8TBtvYhBXYSU1cYfqGpifPda0%2BaAp7%2B9WN5BXJ2ZoYrX4j1obDQIQEhAqe6U8hlBMw0yFtF0ixmkIG9xtc%2FIZmNSl6TqTvCrusRgIOgEwAizSDvOqMFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/javascript
last-modified
Sun, 15 Sep 2024 08:21:14 GMT
vary
Accept-Encoding
x-amz-id-2
Yaz5MvUfvFghvoA/zu9RvbON+JXSYGi50SutuKGY/TpucgdVPN+AfW0rE/qj9X4d0jSHnJjpBQY=
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T98WSBQFCRSYPKHE
cf-ray
8d8034c20864b900-AMS
accept-ranges
bytes
content-length
21970
server
cloudflare
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=de3014226e2246e986d4731dd854e34b&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=c962004e-20e6-4923-9538-7c77a8423952&ts=1729838331173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:51 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=de3014226e2246e986d4731dd854e34b&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=c8c63959-8cec-4c38-8a6a-5b43304583ab&ts=1729838331173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:51 GMT
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=de3014226e2246e986d4731dd854e34b&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=c962004e-20e6-4923-9538-7c77a8423952&ts=1729838331173
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash
bc9eed0574c3cc04f28cf225b1c8f7a86a62408b72e6b91600c854c855a46e24

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
4.0.3

Response headers

access-control-expose-headers
pa-user-id
content-encoding
br
etag
W/"c36-Hz8ZalpuEyk8vQSUliJm/BUdOIQ"
access-control-allow-credentials
true
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=de3014226e2246e986d4731dd854e34b&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=c8c63959-8cec-4c38-8a6a-5b43304583ab&ts=1729838331173
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash
731fd8f7e869cac00985744e2daf26abed729e27c9ae57515a7137f81dd682d7

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
4.0.3

Response headers

access-control-expose-headers
pa-user-id
content-encoding
br
etag
W/"c4f-FJ9pyH7BCLwRqBBdTJsrSBTcCDg"
access-control-allow-credentials
true
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebid-2024-08-21.js
cdn.prplads.com/ Frame D611 		356 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2024-08-21.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d5648f1f2569f1aeebd08c555505249b"
age
286364
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y14mvix4wE%2FI7n%2Bil3LEqDRtqWC36AB2nsmbynPFXxldezqdrQed2rvBjTwS675i7PMMgaA9RqGRsCthQp8i9vT338dJnWTmD%2F6nhVObEDOTeqyzMvd%2BF7HB2HiggE37oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 08:17:43 GMT
vary
Accept-Encoding
x-amz-id-2
dvNKTqgRGW73VcP6I1ePDa59y9ld6v4FK5h2PAYc33Vd0vnKZApzLO5zFKv9AO4SbTXBqD0lmuA=
cache-control
max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
892JSMB8HWWGC5HF
cf-ray
8d8034c369ddb900-AMS
accept-ranges
bytes
content-length
117692
server
cloudflare
prebid-2024-08-21.js
cdn.prplads.com/ Frame AA9E 		356 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2024-08-21.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d5648f1f2569f1aeebd08c555505249b"
age
286364
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y14mvix4wE%2FI7n%2Bil3LEqDRtqWC36AB2nsmbynPFXxldezqdrQed2rvBjTwS675i7PMMgaA9RqGRsCthQp8i9vT338dJnWTmD%2F6nhVObEDOTeqyzMvd%2BF7HB2HiggE37oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 08:17:43 GMT
vary
Accept-Encoding
x-amz-id-2
dvNKTqgRGW73VcP6I1ePDa59y9ld6v4FK5h2PAYc33Vd0vnKZApzLO5zFKv9AO4SbTXBqD0lmuA=
cache-control
max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
892JSMB8HWWGC5HF
cf-ray
8d8034c369ddb900-AMS
accept-ranges
bytes
content-length
117692
server
cloudflare
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D611 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241025
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8227e54bade6ad0726dea4a75f701d99a2b817c6e2de15d7841052bf133c5bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63c-LIoMfZizUUBU5OEdXi5UzdhwtEo"
age
9477
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-ams2100119-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
866
x-jsd-version
1.0.2219
localstore.js
script.4dex.io/ Frame D611 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Age
126266
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwSSS5YXZBcBzT%2BOyQk2JOhCJJsSksqPN82lAYi8NwNkuF2eHjsjxq8lRMAyow4OLPoDgeyDu98vn4n3OXo7TjWe0EdMaZ04xdTbNdti7O0bbqZ%2BeO9wGuElRjO0xh4h"}],"group":"cf-nel","max_age":604800}
CF-RAY
8d8034c40cce6646-AMS
Date
Fri, 25 Oct 2024 06:38:51 GMT
Content-Type
application/javascript
Last-Modified
Wed, 28 Aug 2024 15:06:32 GMT
Vary
Accept-Encoding
Server
cloudflare
topics_frame.html
pa.openx.net/ Frame 421C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Fri, 25 Oct 2024 05:50:32 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHmUCY0XNQbTx0ABKZcr53aWIL0_BAvhAY1kp0rree-z0sAnzI99UrMGgVVtWx0Xrlr6rGPOscUWL2jGAw
topicsapi.html
onetag-sys.com/static/ Frame 9084 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
public, max-age=2628000, immutable
content-encoding
gzip
content-length
566
content-type
text/html
expires
Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security
max-age=15552000
vary
accept-encoding
topics.html
hb.360yield.com/privacy-sandbox/ Frame EAAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-64.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
93
cache-control
max-age=3600
content-length
840
content-type
text/html
date
Fri, 25 Oct 2024 06:37:18 GMT
etag
"df731667f516cd61f16f3bc51bc7022f"
last-modified
Thu, 14 Mar 2024 16:48:35 GMT
server
AmazonS3
via
1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
x-amz-cf-id
qKN0yOCSL2Ra3PyNJ1btXtsoZFSD237t_2MpRQSd50vj86T99BUuiA==
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-amz-version-id
kpEupr6y3cwJy6IieEVrXoWKzFeDpUx4
x-cache
Hit from cloudfront
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame E042 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=114434
content-encoding
gzip
content-length
859
content-type
text/html
date
Fri, 25 Oct 2024 06:38:51 GMT
expires
Sat, 26 Oct 2024 14:26:05 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
c
prebid.a-mo.net/a/ Frame D611 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:50 GMT
x-envoy-upstream-service-time
1
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame D611 		179 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageReferrer=https%3A%2F%2Freturnofthelegend.com%2F&CanonicalUrl=https%3A%2F%2Freturnofthelegend.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3b8d673018fc1b98db48a333c01d8a8d2433eea0a9c190c5fd6ed5a4b716a18c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
7
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://returnofthelegend.com
content-length
179
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
ayl-lb-fra02
access-control-allow-headers
Accept-Encoding, Content-Type
hb-mm-multi
hb.minutemedia-prebid.com/ Frame D611 		82 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.213.147.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-147-110.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ce4c685760575688d0361ceadc7bc03c367d814536c03dfd40d14d742bec2198

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://returnofthelegend.com
content-length
107
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
adreq
ads.servenobid.com/ Frame D611 		399 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6756
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.35.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-35-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
29d5adbead8d1627813f1de61dacaa34398dad7b99427b23cadf82d075367130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json
vary
accept-encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame AA9E 		2 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241025
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8227e54bade6ad0726dea4a75f701d99a2b817c6e2de15d7841052bf133c5bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63c-LIoMfZizUUBU5OEdXi5UzdhwtEo"
age
9477
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-ams2100119-AMS
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
866
x-jsd-version
1.0.2219
localstore.js
script.4dex.io/ Frame AA9E 		1 KB
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Age
126266
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ2OCriL1KB7yUx9RKqBVTgl5aVGMbB%2FvzM2FxButpbz%2FwIHQ43X8UJrEu4wS1iuLP5y0sh5SVTok07xFVU46GPBk6tKyUdqe7xIWv7sZAjBzkOKrPXL1C45v7EvNH1p"}],"group":"cf-nel","max_age":604800}
CF-RAY
8d8034c43cf46646-AMS
Date
Fri, 25 Oct 2024 06:38:51 GMT
Last-Modified
Wed, 28 Aug 2024 15:06:32 GMT
Vary
Accept-Encoding
Server
cloudflare
Content-Type
application/javascript
prebid-topics-frame.html
api.popin.cc/topic/ Frame 24EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 25 Oct 2024 06:38:52 GMT
ETag
W/"8c71e26cee5af68d0dbe5d507b8ed111"
Expires
Fri, 25 Oct 2024 07:38:52 GMT
Last-Modified
Tue, 12 Mar 2024 03:24:51 GMT
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
HIT from 10.252.55.26
x-amz-server-side-encryption
AES256
x-amz-version-id
NGIkCgD6bcLUel.CcLdlmpgCJ.f_PIbB
taboola-prebid-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame A93D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

abp
23
accept-ranges
bytes
access-control-allow-origin
*
age
3
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
539
content-type
text/html
date
Fri, 25 Oct 2024 06:38:51 GMT
etag
"3a04a0889d22f29ff26db71b6559fec1"
last-modified
Tue, 20 Feb 2024 14:00:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
LI1XIO9aQPLxA2IAOJaaKQnB6/JfCWXCUKnDqEYba6eOEVDy8/Oude2ylwbJYjLYVR80NrctmOs=
x-amz-replication-status
COMPLETED
x-amz-request-id
G4FA71BYP7W5MF5V
x-amz-server-side-encryption
AES256
x-amz-version-id
x9X4oBHDSMJ3A3AgD4XG8_3AHqwdsw1t
x-cache
HIT
x-cache-hits
1
x-served-by
cache-ams2100140-AMS
x-timer
S1729838332.578937,VS0,VE1
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame F10B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=114434
content-encoding
gzip
content-length
859
content-type
text/html
date
Fri, 25 Oct 2024 06:38:51 GMT
expires
Sat, 26 Oct 2024 14:26:05 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topicsapi.html
onetag-sys.com/static/ Frame 597B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
public, max-age=2628000, immutable
content-encoding
gzip
content-length
566
content-type
text/html
expires
Mon, 01 Jan 2046 12:34:56 GMT
vary
accept-encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame AA9E 		179 B
231 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageReferrer=https%3A%2F%2Freturnofthelegend.com%2F&CanonicalUrl=https%3A%2F%2Freturnofthelegend.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
28c20d250f3c08fbba50af5b1a012aeb195317c587e51d10d49882cec8ac412b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
26
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://returnofthelegend.com
content-length
179
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
ayl-lb-fra02
access-control-allow-headers
Accept-Encoding, Content-Type
c
prebid.a-mo.net/a/ Frame AA9E 		0
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:50 GMT
x-envoy-upstream-service-time
1
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
adreq
ads.servenobid.com/ Frame AA9E 		399 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7971
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.35.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-35-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9ca9ecf9277d2120b341c59dde57850b2b7c849811290c2ee1bbfac6e62550c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json
vary
accept-encoding
hb-mm-multi
hb.minutemedia-prebid.com/ Frame AA9E 		81 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.213.147.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-147-110.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7ec76367b8c039e01ad123512e984350529a424e9883592668ae223c1978d9ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
9
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://returnofthelegend.com
content-length
106
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age
0
cf-ray
8d8034c48ad9b954-AMS
content-length
3
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
adagio.js
script.4dex.io/a/latest/ Frame D611 		61 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Access-Control-Expose-Headers
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Age
102392
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOxi1nFM8Llap3XsTGlHy2X70VGduCFh3WIVBa9c2YJPqGuCWfNW1XFo5gVum5haP2qsESDzfiwuSC6n%2BCesKkYkfbvVrVOgabB7zi19ErVp%2FF%2BUzDtbOXdtT5whAtfz"}],"group":"cf-nel","max_age":604800}
Date
Fri, 25 Oct 2024 06:38:51 GMT
Content-Type
application/javascript
Last-Modified
Wed, 28 Aug 2024 15:06:29 GMT
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d8034c468990ae3-AMS
Access-Control-Allow-Origin
*
Server
cloudflare
adagio.js
script.4dex.io/a/latest/ Frame AA9E 		61 KB
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Cache-Control
public, max-age=1800
Access-Control-Expose-Headers
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Age
102392
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tu47fi69Ka0dVzWsuag395Kq70eJwxGCMEyuuWWUGJela5cXyXyIpIOnq6Pzp%2BZep0%2Fd6TV%2BrHApNaIAL5vRhbH3%2FOgQu7rQhkT8RhcmJMnd3GkQG7buFZCmaIeVAfNt"}],"group":"cf-nel","max_age":604800}
CF-RAY
8d8034c4a8e70ae3-AMS
Access-Control-Allow-Origin
*
Date
Fri, 25 Oct 2024 06:38:51 GMT
Last-Modified
Wed, 28 Aug 2024 15:06:29 GMT
Vary
Origin, Accept-Encoding
Server
cloudflare
Content-Type
application/javascript
/
api.purpleads.io/x/v2/b/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=de3014226e2246e986d4731dd854e34b&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=c962004e-20e6-4923-9538-7c77a8423952&demand=unifiedPb&ts=1729838331768
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
4.0.3

Response headers

access-control-expose-headers
pa-user-id
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
access-control-allow-credentials
true
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=de3014226e2246e986d4731dd854e34b&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=c962004e-20e6-4923-9538-7c77a8423952&demand=unifiedPb&ts=1729838331768
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:51 GMT
/
api.purpleads.io/x/v2/b/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=de3014226e2246e986d4731dd854e34b&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=c8c63959-8cec-4c38-8a6a-5b43304583ab&demand=unifiedPb&ts=1729838331768
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
4.0.3

Response headers

access-control-expose-headers
pa-user-id
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
access-control-allow-credentials
true
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=de3014226e2246e986d4731dd854e34b&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100],[300,50]]&slotid=c8c63959-8cec-4c38-8a6a-5b43304583ab&demand=unifiedPb&ts=1729838331768
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:51 GMT
auctionEnd
carbon-nv.servenobids.com/event/ Frame D611 		72 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://carbon-nv.servenobids.com/event/auctionEnd?pubid=22846935092
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.242.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-242-97.compute-1.amazonaws.com
Software
/
Resource Hash
bde2b9da5366970f086a7b108e45c18b1d53324dfc9fc2df4cc3942310e6d1d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
72
date
Fri, 25 Oct 2024 06:38:52 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
auctionEnd
carbon-nv.servenobids.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://carbon-nv.servenobids.com/event/auctionEnd?pubid=22846935092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.242.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-242-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 25 Oct 2024 06:38:52 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auctionEnd
carbon-nv.servenobids.com/event/ Frame AA9E 		72 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://carbon-nv.servenobids.com/event/auctionEnd?pubid=22846935092
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.242.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-242-97.compute-1.amazonaws.com
Software
/
Resource Hash
bde2b9da5366970f086a7b108e45c18b1d53324dfc9fc2df4cc3942310e6d1d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
72
date
Fri, 25 Oct 2024 06:38:52 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
auctionEnd
carbon-nv.servenobids.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://carbon-nv.servenobids.com/event/auctionEnd?pubid=22846935092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.242.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-242-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 25 Oct 2024 06:38:52 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
css
fonts.googleapis.com/ Frame 804C 		818 B
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 06:38:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 06:38:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 25 Oct 2024 05:25:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
prebid-2024-08-21.js
cdn.prplads.com/ Frame 804C 		356 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2024-08-21.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d5648f1f2569f1aeebd08c555505249b"
age
286364
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y14mvix4wE%2FI7n%2Bil3LEqDRtqWC36AB2nsmbynPFXxldezqdrQed2rvBjTwS675i7PMMgaA9RqGRsCthQp8i9vT338dJnWTmD%2F6nhVObEDOTeqyzMvd%2BF7HB2HiggE37oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 08:17:43 GMT
vary
Accept-Encoding
x-amz-id-2
dvNKTqgRGW73VcP6I1ePDa59y9ld6v4FK5h2PAYc33Vd0vnKZApzLO5zFKv9AO4SbTXBqD0lmuA=
cache-control
max-age=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
892JSMB8HWWGC5HF
cf-ray
8d8034c369ddb900-AMS
accept-ranges
bytes
content-length
117692
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 804C 		23 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://returnofthelegend.com
Referer
https://fonts.googleapis.com/

Response headers

age
223838
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:28:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:28:12 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 804C 		2 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241025
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8227e54bade6ad0726dea4a75f701d99a2b817c6e2de15d7841052bf133c5bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63c-LIoMfZizUUBU5OEdXi5UzdhwtEo"
age
9477
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-ams2100119-AMS
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
866
x-jsd-version
1.0.2219
localstore.js
script.4dex.io/ Frame 804C 		1 KB
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Age
126267
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdQAEQTbLM4%2BmJ0pCy%2FTbIGfCZQxHGDK7NNR04kv8sMzK3OQk4kwj2IvqmbMu6hy%2FdMRca7NTf8tcdgdNuSAQn%2BLzCfKXkj0UkATJ9QKEZ%2FKlXD2LbeEVVKwbbFXH%2FRk"}],"group":"cf-nel","max_age":604800}
CF-RAY
8d8034c8b9576646-AMS
Date
Fri, 25 Oct 2024 06:38:52 GMT
Last-Modified
Wed, 28 Aug 2024 15:06:32 GMT
Vary
Accept-Encoding
Server
cloudflare
Content-Type
application/javascript
prebid-topics-frame.html
api.popin.cc/topic/ Frame 3455 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/topic/prebid-topics-frame.html?bidder=discovery
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 25 Oct 2024 06:38:52 GMT
ETag
W/"8c71e26cee5af68d0dbe5d507b8ed111"
Expires
Fri, 25 Oct 2024 07:38:52 GMT
Last-Modified
Tue, 12 Mar 2024 03:24:51 GMT
Server
nginx
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Cache-Status
HIT from 10.252.55.26
x-amz-server-side-encryption
AES256
x-amz-version-id
NGIkCgD6bcLUel.CcLdlmpgCJ.f_PIbB
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 82B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=114434
content-encoding
gzip
content-length
859
content-type
text/html
date
Fri, 25 Oct 2024 06:38:51 GMT
expires
Sat, 26 Oct 2024 14:26:05 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
taboola-prebid-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 1DD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

abp
23
accept-ranges
bytes
access-control-allow-origin
*
age
3
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
539
content-type
text/html
date
Fri, 25 Oct 2024 06:38:51 GMT
etag
"3a04a0889d22f29ff26db71b6559fec1"
last-modified
Tue, 20 Feb 2024 14:00:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
LI1XIO9aQPLxA2IAOJaaKQnB6/JfCWXCUKnDqEYba6eOEVDy8/Oude2ylwbJYjLYVR80NrctmOs=
x-amz-replication-status
COMPLETED
x-amz-request-id
G4FA71BYP7W5MF5V
x-amz-server-side-encryption
AES256
x-amz-version-id
x9X4oBHDSMJ3A3AgD4XG8_3AHqwdsw1t
x-cache
HIT
x-cache-hits
1
x-served-by
cache-ams2100140-AMS
x-timer
S1729838332.578937,VS0,VE1
topicsapi.html
topics.authorizedvault.com/ Frame 9862 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.255.184 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
298300181.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Fri, 25 Oct 2024 06:38:52 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Sun, 07 Jan 2024 22:30:26 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
378465
x-77-cache
HIT
x-77-nzt
EgwBqZb/tgH3YcYFAAwB1GY4EQH3o1MDAA
x-77-nzt-ray
15b3c7112633e0e5fc3c1b67c51f3014
x-77-pop
frankfurtDE
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ABPtcPoZDS7_aCon-JVvX7xEB5qiduXohRxhaUJEcurJnHQA4lh4mfE-NaoMpM1Avb2HKdtYrSbrQ63T
c
prebid.a-mo.net/a/ Frame 804C 		0
43 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.30 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

cache-control
max-age=0, private, must-revalidate
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:51 GMT
x-envoy-upstream-service-time
0
vary
origin, accept-encoding, Accept-Encoding
server
envoy
access-control-allow-credentials
true
adreq
ads.servenobid.com/ Frame 804C 		399 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3015
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.35.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-35-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f0584d22596da6ff94772b3db5e31ac8934cb87d9607bcf2e61c90bb01367d93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:52 GMT
content-type
application/json
vary
accept-encoding
hb-mm-multi
hb.minutemedia-prebid.com/ Frame 804C 		82 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.213.147.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-147-110.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
d39b69763bd25689fd64f314d349ff2692a44a4ab7b78e4318ae88b50e753501

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
132
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://returnofthelegend.com
content-length
107
date
Fri, 25 Oct 2024 06:38:52 GMT
content-type
application/json
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 804C 		179 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageUrl=https%3A%2F%2Freturnofthelegend.com%2F&PageReferrer=https%3A%2F%2Freturnofthelegend.com%2F&CanonicalUrl=https%3A%2F%2Freturnofthelegend.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
8aea7ca293810e2ed74855d29e280768cecb1433d6267543779157580183d5e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://returnofthelegend.com/

Response headers

access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://returnofthelegend.com
content-length
179
date
Fri, 25 Oct 2024 06:38:51 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
ayl-lb-fra02
access-control-allow-headers
Accept-Encoding, Content-Type
adagio.js
script.4dex.io/a/latest/ Frame 804C 		61 KB
713 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://returnofthelegend.com/

Response headers

Cache-Control
public, max-age=1800
Access-Control-Expose-Headers
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"3bd20e5fbdd6d804d194856ed36c4ccb"
Age
102393
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G27E655Y%2FjzQc%2FJrfxcw24WESXa6GBA6STHXfVeYOiL6ghAxJdqroJyIcDgGkFiR4wE1FVPgcqAXmTB3RLhoePsyBi0rlh99AvBkuewxywDZRwiHUcXpSY203Aqf06N4"}],"group":"cf-nel","max_age":604800}
CF-RAY
8d8034c8edb20ae3-AMS
Access-Control-Allow-Origin
*
Date
Fri, 25 Oct 2024 06:38:52 GMT
Last-Modified
Wed, 28 Aug 2024 15:06:29 GMT
Vary
Origin, Accept-Encoding
Server
cloudflare
Content-Type
application/javascript
f
api.purpleads.io/x/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=de3014226e2246e986d4731dd854e34b&demand=unifiedPb&ts=1729838332464
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Authorization
Bearer 0d96bfc3a61e81c53f4d2f1c4e943eef:8a1b303108d017d4e1e5966ed267da21f2f22fa7652d7a0dd9b5821ed49b2cf1d9b29b11f4547f93b94b8d2c11ba4c9b9974a74a48e30755ec03cdf67aa8ea22
Referer
https://returnofthelegend.com/
x-request-url
aHR0cHM6Ly9yZXR1cm5vZnRoZWxlZ2VuZC5jb20v
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
pa-user-id
8c894495-be02-483c-9a20-9b5232a2d623
x-purpleads-version
3.0.0

Response headers

access-control-expose-headers
pa-user-id
access-control-allow-origin
https://returnofthelegend.com
date
Fri, 25 Oct 2024 06:38:52 GMT
access-control-allow-credentials
true
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=de3014226e2246e986d4731dd854e34b&demand=unifiedPb&ts=1729838332464
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.136.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-136-208.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://returnofthelegend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-allow-origin
https://returnofthelegend.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Fri, 25 Oct 2024 06:38:52 GMT
isyn
prebid.a-mo.net/ Frame C1B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 25 Oct 2024 06:38:54 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 45A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
36643
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 20:28:12 GMT
etag
W/"361804a95df9ae633ba4ad2e8380e33f"
last-modified
Thu, 17 Oct 2024 18:25:32 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-amz-cf-id
ZeTsDAomZM37Xs9loubt_ijeh0U1yfwNXhnoZlrT_zUNJNc2HVcpEg==
x-amz-cf-pop
FRA56-P8
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:91c17da3-ae5d-4daf-9e6c-f378cb3a567b
x-amz-meta-codebuild-content-md5
a3310f54477ff40d472d2411ad1e0176
x-amz-meta-codebuild-content-sha256
7dfae5f48043c90f0a8d4367b8d9d3c878dc5470ea12095a462cd16299fe57ad
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
isync
visitor.omnitagjs.com/visitor/ Frame 6B35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1855
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 06:38:54 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
20
isyn
prebid.a-mo.net/ Frame 5A45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.37 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 25 Oct 2024 06:38:53 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame FDE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
36643
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 20:28:12 GMT
etag
W/"361804a95df9ae633ba4ad2e8380e33f"
last-modified
Thu, 17 Oct 2024 18:25:32 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-amz-cf-id
ZeTsDAomZM37Xs9loubt_ijeh0U1yfwNXhnoZlrT_zUNJNc2HVcpEg==
x-amz-cf-pop
FRA56-P8
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:91c17da3-ae5d-4daf-9e6c-f378cb3a567b
x-amz-meta-codebuild-content-md5
a3310f54477ff40d472d2411ad1e0176
x-amz-meta-codebuild-content-sha256
7dfae5f48043c90f0a8d4367b8d9d3c878dc5470ea12095a462cd16299fe57ad
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
isync
visitor.omnitagjs.com/visitor/ Frame A85E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2024-08-21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://returnofthelegend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1857
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 06:38:54 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.onesignal.com
URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js'%20async='async

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| DarkMode string| GoogleAnalyticsObject function| ga object| wpDarkMode function| checkOsDarkMode object| essb_settings function| documentInitOneSignal object| OneSignal function| loadCSS function| _0x2c70 function| _0x5e58 boolean| _purpleadsWasLoaded object| _purpleads string| purpleadsInstanceId function| _storage number| amountScrolled object| jQuery111302195189597660716 object| atOptions object| _0x550c function| _0x56ae boolean| _purpleAdsDisplayInit object| globalSlots object| purpleadsAgent object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer string| ecc874 boolean| ppuDisableTrigger object| google_tag_manager function| n5QKrv function| p6TI4 number| w_Rh9p function| V2bON function| q1mm object| qfxzwz function| _ object| _wpUtilSettings object| wp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close function| LazyLoad object| images object| iframes object| rocket_lazy number| height object| ADAGIO object| _ADAGIO

28 Cookies

Domain/Path Name / Value
.smartadserver.com/api Name: pid
Value: 8889236479661305500
.returnofthelegend.com/ Name: _ga
Value: GA1.2.1238284381.1729838331
.returnofthelegend.com/ Name: _gid
Value: GA1.2.119850237.1729838331
.returnofthelegend.com/ Name: _gat
Value: 1
.onesignal.com/ Name: __cf_bm
Value: szWJDjqOldcIRf5sYjFnec91bR2JrGOl5Ng1JfaMQQY-1729838330-1.0.1.1-Bzb8UaRdYl3TVMF9z.Xie11lUXFuL0qdsr1GxylnIJjPvjr.8q41e1H3xFzsaXfHSj08NSLv8AiRoIYS2Ed7Gg
.returnofthelegend.com/ Name: _ga_1PSYPS0MQ6
Value: GS1.2.1729838330.1.0.1729838330.0.0.0
.omnitagjs.com/ Name: ayl_visitor
Value: b811a74c5033aa069de0f5770852e9f0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjG0tLA0NDc0MhbiM9QNKDTO9SmyKPFKSYsEAAtM96klAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjG0tLA0NDc0MhbiM9QNKDTO9SmyKPFKSYsEAAtM96klAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtobmRpYWxhbGxiaWoKAD9nlZ0QAAAA
.creativecdn.com/ Name: ts
Value: 1729838334
.gumgum.com/ Name: vst
Value: e_c87ceaaf-0f83-454b-a368-451e5b0e1429
.aidemsrv.com/ Name: __cf_bm
Value: mc.vgYd1CJh3zznmhebFjWCJtKN9UGgTQRx1HkDgHYE-1729838334-1.0.1.1-hmUPHtU6.StQ99OSVUv8khPySXAGqCIhiXZGu8IlLpcAqDI5AzcQC26cEl4e16ycU4jad1lX7M3UZEYDwziuBw
.creativecdn.com/ Name: g
Value: QH8chf0vK6bIpeDtRqE0_1729838334974
.casalemedia.com/ Name: CMID
Value: Zxs8-lVbLKcAAFQkAJqfkAAA
.casalemedia.com/ Name: CMPS
Value: 3325
.casalemedia.com/ Name: CMPRO
Value: 3325
.bidswitch.net/ Name: tuuid
Value: 92e204a4-4d45-4c46-b3c3-123f4f0c1e5d
.bidswitch.net/ Name: c
Value: 1729838335
.bidswitch.net/ Name: tuuid_lu
Value: 1729838335
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: JjduALZH5QK-rvQ9SQOgQgCG
.servenobid.com/ Name: pid_309
Value: e_c87ceaaf-0f83-454b-a368-451e5b0e1429
.servenobid.com/ Name: pid_324
Value: 5144588532113420351
.servenobid.com/ Name: pid_321
Value: OPTOUT
.servenobid.com/ Name: pid_317
Value: 8889236479661305500

6 Console Messages

Source Level URL
Text
javascript warning URL: https://returnofthelegend.com/(Line 626)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://returnofthelegend.com/(Line 626)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://returnofthelegend.com/(Line 1420)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://returnofthelegend.com/(Line 1420)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ads.servenobid.com
api.popin.cc
api.purpleads.io
cadmus.script.ac
carbon-nv.servenobids.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prplads.com
cdn.purpleads.io
cdn.taboola.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
hb-api.omnitagjs.com
hb.360yield.com
hb.minutemedia-prebid.com
i.imgur.com
onetag-sys.com
pa.openx.net
prebid.a-mo.net
public.servenobid.com
region1.google-analytics.com
returnofthelegend.com
script.4dex.io
topics.authorizedvault.com
vengeful-egg.com
visitor.omnitagjs.com
warlockstallioniso.com
www.disfigured-survey.pro
www.google-analytics.com
www.googletagmanager.com
cdn.onesignal.com
104.18.23.145
104.26.3.51
104.26.8.169
119.63.193.220
13.32.99.31
142.250.185.227
142.250.186.110
151.101.1.229
151.101.129.44
151.101.130.137
163.5.194.30
163.5.194.37
169.150.255.184
172.217.16.200
172.217.18.10
18.245.31.106
185.255.84.150
185.255.84.152
188.114.96.3
192.243.59.12
199.232.192.193
216.239.32.36
23.213.164.238
3.161.82.64
34.192.136.208
34.36.214.49
45.133.44.2
51.89.9.254
52.213.147.110
52.30.35.77
54.158.242.97
88.85.69.212
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0af17552baaa71e1bc34e64cb3dfe4c4ea1b09d2d04ec9204d7484942f6d64ae
0bfc362d61a36174f9e4ef410adee1288b2a9afc839586ed871949c96f7fa0dc
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
1278255503a65a6fbbb34582a1d0fa44abd1ac7c3956c674628ce133d4b50831
149254751538153a2d4fb2afab52d948f6edab789f64adf2a91d7cf25a985250
28c20d250f3c08fbba50af5b1a012aeb195317c587e51d10d49882cec8ac412b
29c0a22ec93885be5db5a5364c034cbeb0b7e81d9ee94a1d8f350bad2706b215
29d5adbead8d1627813f1de61dacaa34398dad7b99427b23cadf82d075367130
34038745144c898a7e2a4e65a224e2c67a0427f572ca5d2aaf7380f7a976d4e0
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3b8d673018fc1b98db48a333c01d8a8d2433eea0a9c190c5fd6ed5a4b716a18c
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
4318f6b0f340d709e097317ab9d4d3887be5ff1aff959fa2d324ce90486c2bc4
45f28cd857cd097e2af1133e7564e7893f0357a1699320f620b1eed60ea156b9
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5a9cc6357bbbc09f9d146b88b366955ea66d2b7544d29c95130c49fe88fc3b7b
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
71013898faa1cb06ea344067de4048cf646772d96da72a4644af4348a2ac0a7c
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
731fd8f7e869cac00985744e2daf26abed729e27c9ae57515a7137f81dd682d7
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ec76367b8c039e01ad123512e984350529a424e9883592668ae223c1978d9ad
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
8aea7ca293810e2ed74855d29e280768cecb1433d6267543779157580183d5e1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9ca9ecf9277d2120b341c59dde57850b2b7c849811290c2ee1bbfac6e62550c0
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
bc9eed0574c3cc04f28cf225b1c8f7a86a62408b72e6b91600c854c855a46e24
bde2b9da5366970f086a7b108e45c18b1d53324dfc9fc2df4cc3942310e6d1d8
c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce4c685760575688d0361ceadc7bc03c367d814536c03dfd40d14d742bec2198
d39b69763bd25689fd64f314d349ff2692a44a4ab7b78e4318ae88b50e753501
d57ab89d7c7ceb5096dd538890be2edc1b23ec6ed387db466f5badb727d7a401
d84d0b11a13eb74fd1b784a6eefa221091eb2d7ebf2c3b3aa09c236290c9010a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e404d56ce7106943e8a770a7f996bc5c71e9fcc74c45c4d326ec4f5582b8527c
e63fb9c096ffb920c1620f83b49f1c55264ccd2fab90a72fe2418b98927d3f02
e79f2a244a0425c9b4629be09b808e4e7f61c5b292dcf84b91ab73f34a997d62
e8227e54bade6ad0726dea4a75f701d99a2b817c6e2de15d7841052bf133c5bd
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f0584d22596da6ff94772b3db5e31ac8934cb87d9607bcf2e61c90bb01367d93
f14eb4e20a27b4ae0b12f50026c3245a80eea835f8a30c7dedc44e76f9b4b178
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
ffae14daa4ab308754319a11408e6ecd99ea0aa94bac94d06433c58b11c8c657