villagereturn.com Open in urlscan Pro
198.50.167.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://villagereturn.com/
Submission: On July 28 via api (July 28th 2024, 5:34:43 pm UTC) from US — Scanned from CA

Summary HTTP 71 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 71 HTTP transactions. The main IP is 198.50.167.39, located in Canada and belongs to OVH, FR. The main domain is villagereturn.com.
TLS certificate: Issued by R10 on July 23rd 2024. Valid for: 3 months.

This is the only time villagereturn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	198.50.167.39 198.50.167.39	16276 (OVH) (OVH)
1	37.97.241.10 37.97.241.10	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	162.159.137.232 162.159.137.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.75.171 104.22.75.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
3	141.101.120.10 141.101.120.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.48.104.70 23.48.104.70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.14.208.197 3.14.208.197	16509 (AMAZON-02) (AMAZON-02)
3	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	104.26.13.60 104.26.13.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.38.113.3 54.38.113.3	16276 (OVH) (OVH)
1	23.223.252.212 23.223.252.212	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	23.48.104.77 23.48.104.77	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	23.48.104.81 23.48.104.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	44.196.77.126 44.196.77.126	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	107.23.203.136 107.23.203.136	14618 (AMAZON-AES) (AMAZON-AES)
71	21

41 198.50.167.39 (Canada)

ASN16276 (OVH, FR)
PTR: bhs-panel.01.heavyhost.com.br

villagereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.97.241.10 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-241-10.colo.transip.net

www.flagcounter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.137.232 (None, )

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.75.171 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.101.120.10 (None, )

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.104.70 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-70.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.14.208.197 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-208-197.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.60 (None, )

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.113.3 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: falcon-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.223.252.212 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-223-252-212.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.104.77 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-77.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.104.81 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-81.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.196.77.126 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-77-126.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.203.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-203-136.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	villagereturn.com villagereturn.com	2 MB
6	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1596	3 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	21 KB
4	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 30000 t.sharethis.com — Cisco Umbrella Rank: 7974	5 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 18487 ic.tynt.com — Cisco Umbrella Rank: 15045 de.tynt.com — Cisco Umbrella Rank: 2349	11 KB
3	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 6811	4 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3463	726 B
2	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 6153	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 19859 whos.amung.us — Cisco Umbrella Rank: 10888	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	89 KB
1	33across.com cdn-tc.33across.com — Cisco Umbrella Rank: 35993
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1219	464 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 7251	589 B
1	discord.com discord.com — Cisco Umbrella Rank: 1427
1	flagcounter.me www.flagcounter.me	7 KB
0	googleapis.com Failed fonts.googleapis.com Failed
71	18

	Domain	Requested by
41	villagereturn.com	villagereturn.com
6	ps.eyeota.net	4 redirects villagereturn.com
4	match.adsrvr.org	4 redirects
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	t.dtscout.com	widgets.amung.us t.dtscout.com
2	t.sharethis.com	pd.sharethis.com t.sharethis.com
2	pixel.onaudience.com	2 redirects
2	pd.sharethis.com	t.dtscout.com villagereturn.com
2	pxdrop.lijit.com	t.dtscout.com pxdrop.lijit.com
2	www.facebook.com	villagereturn.com connect.facebook.net
2	connect.facebook.net	villagereturn.com connect.facebook.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-tc.33across.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	villagereturn.com
1	tags.bluekai.com	villagereturn.com
1	t.dtscdn.com	t.dtscout.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	villagereturn.com
1	discord.com	villagereturn.com
1	www.flagcounter.me	villagereturn.com
0	fonts.googleapis.com Failed	client
71	23

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.facebook.com
www.flagcounter.me

Subject Issuer	Validity	Valid
*.villagereturn.com R10	`2024-07-23` - `2024-10-21`	3 months	crt.sh
flagcounter.me R10	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-07` - `2024-08-05`	3 months	crt.sh
discord.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
amung.us WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh
dtscout.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
cert2-prod.aut.a24365.net R11	`2024-07-26` - `2024-10-24`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
cert1-prod.aut.a24365.net R11	`2024-07-26` - `2024-10-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://villagereturn.com/
Frame ID: F08B25CC62B5F53F74999A570D046D14
Requests: 64 HTTP requests in this frame

Frame: https://discord.com/widget?id=437080413203202069&theme=dark
Frame ID: 6A56C1E4473A00811DE84C97C7D8D03A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/lineage2village&width=402&height=255&colorscheme=light&show_faces=true&border_color=%23E2E2E2&stream=false&header=false&appId=577018195656213
Frame ID: E00B17059AE9B5BD09D453E1B98BB022
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C30172218807568906EA290F5B6BEAB
Frame ID: 9D08051C3FA4825883F87D9FDE4F4118
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.786&cid=c026&cls=sync
Frame ID: EC4E244B81E63597B86EC8A3E2D68B2D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1466.23394&cid=c010&cls=C
Frame ID: 98637FCA5C94650244704FAE4DC52690
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: C199BF1D9DE8A3E7A2C0340E21770941
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/page.php?app_id=577018195656213&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f2c1df458172ccc%26domain%3Dvillagereturn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvillagereturn.com%252Ff49e60cb89cbd9595%26relation%3Dparent.parent&container_width=496&height=214&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Flineage2village&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=false&width=496
Frame ID: 371719BC9B402B49740543DD31742B54
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: BD8B8CD4794FB2D21EFCD825D6E92651
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Village Return - Interlude

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
jquery\.prettyPhoto\.js

Page Statistics

71
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

21
IPs

5
Countries

1937 kB
Transfer

2401 kB
Size

71
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/59p7p3nerp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lineage2village
Title: facebook page!

Search URL Search Domain Scan URL

URL: https://www.flagcounter.me/details/eS5

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://pixel.onaudience.com/?partner=137085098&mapped=4C30172218807568906EA290F5B6BEAB HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=d035c2a28847c9dd

Request Chain 64

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.1&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.1&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=fd57826b-caa1-4268-ae26-b58af0b5295a&bid=1e2n4ou

Request Chain 65

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.3&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.3&cat=33across HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=6c855afa-5dec-4870-842b-652cc7f2b65b&bid=1e2n4ou

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
villagereturn.com/ 21 KB
6 KB 3127ms
2668ms Document
text/html 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx / PHP/7.4.33
Resource Hash: 82a4ba500b0f82acf96a7bb1ba00ef639ea7be4cafc58cc57012fa3985c103cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jul 2024 17:34:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK prettyPhoto.css
villagereturn.com/css/ 6 KB
1 KB 74ms
71ms Stylesheet
text/css 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/css/prettyPhoto.css
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: a26a64b388b452fb9cd3ff7148d90fe662ea1b6d9d0307828645e804c6592fdd

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Content-Encoding: br
Last-Modified: Tue, 02 Aug 2016 19:12:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK global.css
villagereturn.com/css/ 27 KB
5 KB 133ms
57ms Stylesheet
text/css 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/css/global.css?1
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: f2c27d87b7826fa4e3780733ef2f4b5d2a7dbc9fdda6c2864d2c643ddfe8e918

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Content-Encoding: br
Last-Modified: Sun, 21 Jul 2024 00:06:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
villagereturn.com/js/ 95 KB
32 KB 334ms
208ms Script
application/javascript 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/js/jquery-1.12.4.min.js
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Content-Encoding: br
Last-Modified: Wed, 29 Nov 2023 01:23:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK global.js Show response
villagereturn.com/js/ 7 KB
2 KB 215ms
89ms Script
application/javascript 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/js/global.js?1
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 85de7db8be726a888a574a6a29609afff2a24eec4d788f57e482cca48a8de1d3

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Content-Encoding: br
Last-Modified: Wed, 29 Nov 2023 01:25:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK c96447353107caf81f7244ff38e4feb1.jpg
villagereturn.com/imgs/banners/ 45 KB
45 KB 314ms
189ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/banners/c96447353107caf81f7244ff38e4feb1.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: da3317dc22080a10e06c3eeadc7cc723ad5b18d8c9b200aad3701af3eec9ece8

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Last-Modified: Sun, 28 Jul 2024 06:40:10 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46139
Content-Type: image/jpeg

GET
H/1.1 200
OK soon.min.css
villagereturn.com/css/ 38 KB
4 KB 257ms
126ms Stylesheet
text/css 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/css/soon.min.css
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 080ded3bffb7fc8049d4464fd574ad415a33e2e76705db739445be8480ccdf90

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:34 GMT
Content-Encoding: br
Last-Modified: Sun, 21 Feb 2016 16:02:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK soon.min.js Show response
villagereturn.com/js/ 39 KB
11 KB 85ms
85ms Script
application/javascript 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/js/soon.min.js
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: be19a398e6865f376efa69efb053ec7dd0d10b4a0ebb044c3d36139f9a2b4247

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Content-Encoding: br
Last-Modified: Sat, 06 Feb 2016 12:13:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK 7ad4e22b364c5833db6eb41af1c88e19.jpg
villagereturn.com/imgs/news/ 10 KB
10 KB 71ms
71ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/7ad4e22b364c5833db6eb41af1c88e19.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: d6ae5231f149d296ae6c0509eacb083e0a92b549595a2d2c662a5189a6482c45

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 15 Jul 2024 20:14:06 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10046
Content-Type: image/jpeg

GET
H/1.1 200
OK 59766c7615fcc84c9ae8a77eaf067e04.jpg
villagereturn.com/imgs/news/ 11 KB
11 KB 50ms
49ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/59766c7615fcc84c9ae8a77eaf067e04.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 66d007713545992cc6046b36fdce45e68e34b1c1f5662401c31446a3654a983c

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 04 Oct 2023 17:32:58 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11284
Content-Type: image/jpeg

GET
H/1.1 200
OK 50b192bcf7b6b697354954781c00827e.jpg
villagereturn.com/imgs/news/ 10 KB
10 KB 71ms
68ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/50b192bcf7b6b697354954781c00827e.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 8c084e5500746896043a25e22700aa105e405d87c0a9aee260c8077752818e01

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 22:14:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10047
Content-Type: image/jpeg

GET
H/1.1 200
OK 676d1f561f52b4e1c754fee0c6f40c8a.jpg
villagereturn.com/imgs/news/ 9 KB
10 KB 74ms
63ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/676d1f561f52b4e1c754fee0c6f40c8a.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 5d26e96ea7495fa0428e74ae5e35d1136996b064d8df82011a14d619dc5e52e2

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 17:53:00 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9604
Content-Type: image/jpeg

GET
H/1.1 200
OK 53038bbbc45403356d8b77d9dc0c7528.jpg
villagereturn.com/imgs/news/ 10 KB
10 KB 74ms
74ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/53038bbbc45403356d8b77d9dc0c7528.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 3a97eec6171125653a6239bc96fa5ba712c6141b174697669d7064e131538d56

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 18:02:32 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9980
Content-Type: image/jpeg

GET
H/1.1 200
OK d43fc1e7a1404cf8df66e0b61c188b1f.jpg
villagereturn.com/imgs/news/ 10 KB
10 KB 58ms
56ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/d43fc1e7a1404cf8df66e0b61c188b1f.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: ad22e5051132608789bee3258d53e09de2c7cfc2f7c7783c941529238a9cbb2d

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 17:58:20 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10236
Content-Type: image/jpeg

GET
H/1.1 200
OK 6ba186665f5e488c574bacd045c68487.jpg
villagereturn.com/imgs/news/ 9 KB
10 KB 83ms
83ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/6ba186665f5e488c574bacd045c68487.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: c56e1968b1aaa3927f4222729a5fe20b722f4c4e942e76833e58577100549df3

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 17:56:20 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9697
Content-Type: image/jpeg

GET
H/1.1 200
OK 28494294c09f70666630b4154043ccc4.jpg
villagereturn.com/imgs/news/ 11 KB
11 KB 90ms
89ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/28494294c09f70666630b4154043ccc4.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 58e7e418ab6da40ff19a81e9e3ef4a8017d89d55289e34668e3cfe009b874e00

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 18:04:16 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10875
Content-Type: image/jpeg

GET
H/1.1 200
OK 9780d6e381c623d90ad278bf4c5d8b03.jpg
villagereturn.com/imgs/news/ 11 KB
11 KB 82ms
82ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/news/9780d6e381c623d90ad278bf4c5d8b03.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: cafa160c3bd131680383506432600bc71566d8c0880201f182cfb9dd5eedaf5e

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 02 Oct 2023 18:02:16 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11084
Content-Type: image/jpeg

GET
H/1.1 200
OK loader.gif
villagereturn.com/imgs/nm/ 15 KB
16 KB 86ms
85ms Image
image/gif 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/nm/loader.gif
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 9c5e00c0475c9e7b303922a2893fd52398a2404bde712c0eacb12927fed72228

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Thu, 16 Jul 2015 22:25:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15865
Content-Type: image/gif

GET
H/1.1 200
OK donatebutton_en.jpg
villagereturn.com/imgs/ 10 KB
10 KB 306ms
66ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/donatebutton_en.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 80ae1dc45b75a1a271623c9ef7f705d4ffa57aafc58953918973170138460d4a

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Fri, 15 May 2015 12:29:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9775
Content-Type: image/jpeg

GET
H2 200 /
www.flagcounter.me/eS5/ 7 KB
7 KB 961ms
133ms Image
image/png 37.97.241.10
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flagcounter.me/eS5/
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.97.241.10 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 37-97-241-10.colo.transip.net
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: bfeb3b20ba9ec342d7fdcdf505b473b920b1e5462aa06478c91920f64e59e3c6

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:36 GMT
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
content-type: image/png

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
villagereturn.com/js/ 21 KB
6 KB 86ms
75ms Script
application/javascript 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/js/jquery.prettyPhoto.js
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 0b6996e8b32bcd1a7fba39a9af28aa26e5bb35e178635890adb5786e04052b4d

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Content-Encoding: br
Last-Modified: Wed, 15 Jul 2015 22:32:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.cookie.js Show response
villagereturn.com/js/ 4 KB
1 KB 71ms
60ms Script
application/javascript 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/js/jquery.cookie.js
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: bb44c4cb430b9c92806843d8c70840217565fc3d6f74a47e4c0486f368b4ad25

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Dec 2012 11:53:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
4 KB 641ms
42ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: villagereturn.com
URL: https://villagereturn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

379fa2f62be955ac487a7f813f8a6bc8f920b37ef3daa0fe6385775210119fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jul 2024 17:34:35 GMT
content-md5: G85kp39KnwUNYBqofqkXvA==
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=12, mss=1316, tbw=2799, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: QguN1AMgJYgYTYRd8wqZvcD3HlfBbQ0yrcVckRhIzw2WoVVDN4kd0KCc71mNbpRZCLKeE29mT/8KZrzCFY6r0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7fb9f411d25be2d92150e9458adca95c
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6b6576c334f69f345d15641c062811eb"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 28 Jul 2024 17:37:39 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK background1.jpg
villagereturn.com/imgs/ 984 KB
984 KB 140ms
91ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/background1.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 8bc3fe82fa1b9659c2078976dace23f622c10f377a66a666e3143f813bb5aaba

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Fri, 13 Oct 2023 03:20:22 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1007903
Content-Type: image/jpeg

GET
H/1.1 200
OK background2.jpg
villagereturn.com/imgs/ 337 KB
337 KB 139ms
89ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/background2.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: cf312d1a99d8dc2e1f6a6040815681b6e2508ea5aa68073c1059a09abe396f76

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Fri, 13 Oct 2023 02:30:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 345097
Content-Type: image/jpeg

GET
H/1.1 200
OK new_top_bar.jpg
villagereturn.com/imgs/ 10 KB
10 KB 316ms
73ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/new_top_bar.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 0f32eea13f5bccef03595e391fb7e5b6ada9f777d66ce1a1ca7fff805c6b566c

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Sat, 15 Jul 2017 11:26:26 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9848
Content-Type: image/jpeg

GET
H/1.1 200
OK css_spritesPNG.png
villagereturn.com/imgs/ 50 KB
51 KB 387ms
170ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/css_spritesPNG.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 9ba707da1f9b931e32975ea6f31ec6ecad035c3b83dc7355ef8b2418c16c54ec

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Fri, 27 Feb 2015 13:30:54 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51509
Content-Type: image/png

GET
H/1.1 200
OK css_spritesJPG.jpg
villagereturn.com/imgs/ 32 KB
32 KB 311ms
48ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/css_spritesJPG.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 9606eaef759bc38c1e01cebb90f999f37fdf1d32bcebfa6061c014084f2d2671

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 01 Nov 2017 05:30:46 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32794
Content-Type: image/jpeg

GET
H/1.1 200
OK continuo1.jpg
villagereturn.com/imgs/ 1 KB
2 KB 213ms
54ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/continuo1.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 2493cf0739fdff231f00a73e6795c036953ec31e695d060f0c8d791cba38e870

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 14:09:58 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1374
Content-Type: image/jpeg

GET
H/1.1 200
OK menu_EN_1200.jpg
villagereturn.com/imgs/ 95 KB
95 KB 158ms
109ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/menu_EN_1200.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 0a3bc22740ff890c5c91c45865bbbe02b3ec506493a122d86f1fc09e47b54c7c

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 01 Nov 2017 04:26:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97354
Content-Type: image/jpeg

GET
H/1.1 200
OK continuo5.jpg
villagereturn.com/imgs/ 1 KB
2 KB 59ms
54ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/continuo5.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 0dce21b600554140a38b6a87798d5808d55bfeb6926fbf15ea50fd0a8ca34fe4

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 19:59:56 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1337
Content-Type: image/jpeg

GET
H/1.1 200
OK continuo2.jpg
villagereturn.com/imgs/ 1 KB
1 KB 156ms
89ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/continuo2.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 21188ec2f6077ec39c5cc94dc5089aa44c14bec8d3a5a5b028d1aab24a86a7ed

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 19:59:38 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1311
Content-Type: image/jpeg

GET
H/1.1 200
OK continuo4.jpg
villagereturn.com/imgs/ 1 KB
2 KB 154ms
90ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/continuo4.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 3487cfbc5cad042aa2dfac06d68796acd8c818e4c74addeaab18c6ae8dc31886

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 16:44:30 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1424
Content-Type: image/jpeg

GET
H/1.1 200
OK continuo3.png
villagereturn.com/imgs/ 984 B
1 KB 167ms
101ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/continuo3.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: a93773aabfd438bda009d4b023cd09838dd220976ab189da945042bdccff4353

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 16:42:52 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 984
Content-Type: image/png

GET
H/1.1 200
OK borders.png
villagereturn.com/imgs/ 14 KB
15 KB 454ms
141ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/borders.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: afb05c8c7740cc08eab340787e6d3e6828b62a23fbbb24d71a1940272f03c5cc

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 01 Nov 2017 04:44:12 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14760
Content-Type: image/png

GET
H/1.1 200
OK ini_e_end.jpg
villagereturn.com/imgs/ 5 KB
5 KB 311ms
77ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/ini_e_end.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: e7d7124548c4df584e61c7f387a98495579902d6159e96fcffb92d0f9392fac4

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 16:50:28 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5183
Content-Type: image/jpeg

GET
H/1.1 200
OK main_repeat.jpg
villagereturn.com/imgs/ 8 KB
8 KB 237ms
79ms Image
image/jpeg 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/main_repeat.jpg
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 3b92ff14072ef61d027ca3ba06ca39a28c8b30d874f5ef0d625cfe32a764018a

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 08 Nov 2017 03:01:36 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7922
Content-Type: image/jpeg

GET
H/1.1 200
OK separator_big.png
villagereturn.com/imgs/ 1 KB
1 KB 386ms
63ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/separator_big.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: d3d913ae9efc64ab4daf3db8cf900dd5dca38d9554ea6db7914540b0b19a5d23

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 17:01:04 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1057
Content-Type: image/png

GET
H/1.1 200
OK deco_title.png
villagereturn.com/imgs/ 4 KB
4 KB 231ms
60ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/deco_title.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 5c8e63c24630c1a6870b75ea416e5d6e63c9950086961dec67655b79b6d3cf1e

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 16:51:46 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3619
Content-Type: image/png

GET
H3 200 widget
discord.com/ Frame 6A56 0
0 191ms
47ms Document
text/html 162.159.137.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=437080413203202069&theme=dark

Requested by

Host: villagereturn.com
URL: https://villagereturn.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.137.232 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8aa69ef16a20aab6-YYZ
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jul 2024 17:34:35 GMT
last-modified: Thu, 05 Oct 2023 23:01:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ibtc7PwalR0BRjrLYTtK4o5umZURwOM7mOY5W1gI%2B6CDLbRCcOznzCdINL22Cqp8aoCzbUBcqWnhSc2lpP%2BsmT4v7txLAjvdPx2LS1wqRHH6LewGvJlJUCM%2Fl0Gj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-build-id: 8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 classic.js Show response
widgets.amung.us/ 13 KB
7 KB 492ms
36ms Script
application/x-javascript 104.22.75.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.75.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
server: cloudflare
age: 1025
etag: W/"63c0412c-32c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8aa69ef0cd3439f0-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Jul 2024 17:17:30 GMT

GET
H/1.1 200
OK separator.png
villagereturn.com/imgs/ 1 KB
1 KB 365ms
61ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/separator.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: f97323f5f612fce17b933c6b89b2563161f4c8adbd6396c897cbe949b3fa2be4

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Wed, 25 Feb 2015 16:57:18 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
Content-Type: image/png

GET
H2 200 likebox.php
www.facebook.com/plugins/ Frame E00B 0
0 572ms
471ms Document
text/html 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/lineage2village&width=402&height=255&colorscheme=light&show_faces=true&border_color=%23E2E2E2&stream=false&header=false&appId=577018195656213

Requested by

Host: villagereturn.com
URL: https://villagereturn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jul 2024 17:34:36 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396741461023819606"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396741461023819606", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2769, tp=-1, tpl=-1, uplat=420, ullat=0
x-fb-debug: 5ktL+JwP4+q/rneEaNOo9ExhlhqDG0WB20zirQvRDuxnM3HsksaVwVqoh1hwImlc92IZeBDxe7vYp2Fgeu+Afg==
x-fb-server-load: 26
x-xss-protection: 0

GET
H2 200 / Show response
t.dtscout.com/i/ 8 KB
4 KB 181ms
65ms Script
application/javascript 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981e3a52834f5b7d33639c1e2992f22aed020d38da597c3bdf95e2d59d7bcecb

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:35 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sm%2FVjlwEPw%2BSRW6Jhdy3k%2F24C%2FtdLdw1jwAvCF6YnB0I2FgJpD3wCGZ%2F2Rt5rta6QhgeoI7fk%2FKgRb3cTEInwwymtZi2u6r1jzn5sjYPF0Qs1FM5qzV3ZKhdkcY8Z0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 8aa69ef1ef8236fe-YYZ
expires: Sun, 28 Jul 2024 17:34:34 GMT

GET
H3 200 / Show response
whos.amung.us/pingjs/ 30 B
178 B 71ms
53ms Script
text/javascript 104.22.75.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=h3b3kpnwzom1&t=Village%20Return%20-%20Interlude&c=c&x=https%3A%2F%2Fvillagereturn.com%2F&y=&a=0&d=4.119&v=27&r=5524
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.75.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba3a260ff0091d786ee84c7030028d53efba49cc91bef847a3b18e237928e93

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8aa69ef16dba39f0-YYZ
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK fanbg.png
villagereturn.com/imgs/nm/ 95 B
303 B 63ms
62ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/nm/fanbg.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 2459d6c8b93ed9057696fc816e6d9930e7796c814e8e71882ac963688c5a79f5

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Mon, 10 Dec 2012 12:04:46 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95
Content-Type: image/png

GET
H/1.1 200
OK fanclose.png
villagereturn.com/imgs/nm/ 3 KB
4 KB 60ms
59ms Image
image/png 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://villagereturn.com/imgs/nm/fanclose.png
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/css/global.css?1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: fbd264de9fafc7ef7a2a52ad7439ae5b07f263fd182abdef1deab71a07146082

Request headers

Referer: https://villagereturn.com/css/global.css?1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:35 GMT
Last-Modified: Sun, 24 Jul 2016 12:25:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3454
Content-Type: image/png

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 299 KB
86 KB 109ms
51ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=fca69d593c839ee33a33a9a24af14efa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

49735c5110698f8cd8a1bff14e0803d0144863467e6dfcd3c86d49731f192bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://villagereturn.com/
Origin: https://villagereturn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jul 2024 17:34:35 GMT
content-md5: RvdgSBmwIyoZInDr9edG2w==
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87650
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4327, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: aNk21T6JFcIVw08poqZFljWTgh3ANJ3uw/CZYhbwkXDgAqDOpF3PUAgwzcLimoUMJwy6SRwpqog8tRH6HuUV0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 12b4bd5928c25e34d3c36fe9a09674f0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "30430a4b913825df51a024d03da11cbd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Jul 2025 15:47:52 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 26 KB
9 KB 475ms
355ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 8243
etag: W/"651ed192-66a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8aa69ef47f54ab9a-YYZ
expires: Wed, 31 Jul 2024 17:34:36 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
t.dtscout.com/idg/ Frame 9D08 0
0 188ms
120ms Document
text/html 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C30172218807568906EA290F5B6BEAB
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8aa69ef318b736cc-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 28 Jul 2024 17:34:36 GMT
expires: Sun, 28 Jul 2024 17:34:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLdhlO68pHvtVg3xur68rK5Oguog1pDzQIz2VrEG24a1byYOXh%2FMK4vrvkojyub91hxZ%2FMYY4M9NqQYf%2FjHX9Pq1p8F3URf5NYSERuiTHAGEH814XGyXJi7%2FJSdRo0Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ 2 KB
2 KB 439ms
49ms Script
application/javascript 23.48.104.70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=villagereturn.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.70 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

3509aa114acfa3f9ef05a52b3917bfe7500be8e74e5be5b792c30a29fd1114b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1396
Expires: Sun, 28 Jul 2024 18:34:36 GMT

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 517ms
59ms Script
application/javascript 3.14.208.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.14.208.197 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-14-208-197.us-east-2.compute.amazonaws.com

Software

Resource Hash

ad8f8cd6691d27b2351f7b2e0fd8523117407a6b4661c28532fbc524136c929b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
326 B 62ms
58ms Script
application/javascript 141.101.120.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=villagereturn.com&_ss=wu1lgf680a&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=4jj1&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a403a0fbc1141f211b8bef5edb29fd93cb49a45db1f2511070e77d0a845ba7

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:35 GMT
x-t: 0.132
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cBGQchVbMqaFOL3n2ywGg8TnbPcphIDrO7VaP7%2Bsal7ynGHSuJX0AQWq8KTfIbcexSapiU0e%2FCCqyzhxbNnX2rxTVIgqEHtaIdEitaCgOEVwc5MBzHq0SSo6v8WyUdM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8aa69ef26fe836fe-YYZ
expires: Sun, 28 Jul 2024 17:34:34 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 61 KB
19 KB 142ms
53ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb487c970b6a254eab7ea2ef8c3392d91856ea1c7192e80c52c512acec38c9aa

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 19:35:07 GMT
content-encoding: gzip
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jul 2024 18:07:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 79170
x-amz-server-side-encryption: AES256
etag: W/"6d5f005a10a94879ca0081a13ed411b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: sX4JPF70M7zeRk-qlb8l2Vr-BZ9KZ6oywsozj_bKbw-R1LKtcFlCJA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
589 B 152ms
76ms Script
application/javascript 104.26.13.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C30172218807568906EA290F5B6BEAB&nid=0&p=2114454483&t=420&s=1600x1200x24&u=https%3A%2F%2Fvillagereturn.com%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fvillagereturn.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:36 GMT
x-t: 2.45
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9P7DPz5Fn%2BzupMKAUTQIeRE4tvJhDtkP%2BxZ5S2cXygRvjSCD2plRCWQtNledWOexIOH%2F%2BdpBj7jfQJcrc1Ri4OV5zJfy1TQALV3V3jq97jN0Q5H0sedDvwpjxDkCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8aa69ef45f41b402-YYZ
expires: Sun, 28 Jul 2024 17:25:07 GMT

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C30172218807568906EA290F5B6BEAB
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=d035c2a28847c9dd

62 B
464 B

699ms
565ms

Image
image/gif

23.223.252.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=d035c2a28847c9dd
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: H2
Server: 23.223.252.212 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-223-252-212.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 28 Jul 2024 17:34:37 GMT
content-length: 62
x-request-id: a9ffa98fde224b8e5c79b80f7bda39db
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=d035c2a28847c9dd
content-length: 0

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 313ms
37ms Image
image/gif 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!h3b3kpnwzom1&lm=0&ts=1722188076342&dn=TC&iso=0&pu=https%3A%2F%2Fvillagereturn.com%2F&t=Village%20Return%20-%20Interlude&chmob=0
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:34:36 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t_.htm
pxdrop.lijit.com/a/ Frame EC4E 0
0 171ms
44ms Document
text/html 23.48.104.70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.786&cid=c026&cls=sync
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=villagereturn.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.70 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-70.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sun, 28 Jul 2024 17:34:36 GMT
Expires: Sun, 04 Aug 2024 17:34:36 GMT
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/k/ 2 KB
2 KB 249ms
50ms Script
application/javascript 23.48.104.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.639248338475926&stid=ZGAACmamgSwAAAAINkX2Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.77 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-77.deploy.static.akamaitechnologies.com

Software

Resource Hash

a4f75591bf170273d05ce80f6b9cfb1c8462c6336623b40126251331605eb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1383
Expires: Sun, 28 Jul 2024 18:34:36 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 54ms
53ms Image
image/gif 3.14.208.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvillagereturn.com%2F&event_source=dtscout&rnd=0.639248338475926&exptid=ZGAACmamgSwAAAAINkX2Aw%3D%3D&fcmp=false

Requested by

Host: villagereturn.com
URL: https://villagereturn.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.14.208.197 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-14-208-197.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 819 B
2 KB 361ms
47ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!h3b3kpnwzom1&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fvillagereturn.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 0f96a1e3511e4d0b0d9e7a450f783ee4b2ad7ff402cefd9a0db491747e0381fa

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sun, 28 Jul 2024 17:34:36 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 819
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame 9863 0
0 298ms
61ms Document
text/html 23.48.104.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1466.23394&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.639248338475926&stid=ZGAACmamgSwAAAAINkX2Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.81 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sun, 28 Jul 2024 17:34:36 GMT
Expires: Sun, 04 Aug 2024 17:34:36 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 lotame-sync.html
cdn-tc.33across.com/ Frame C199 0
0 301ms
50ms Document
text/html 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!h3b3kpnwzom1&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fvillagereturn.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 32244
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 8aa69efac84836c3-YYZ
content-encoding: gzip
content-type: text/html
date: Sun, 28 Jul 2024 17:34:37 GMT
etag: W/"651ed192-157"
expires: Wed, 31 Jul 2024 17:34:37 GMT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.1&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.1&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=fd57826b-caa1-4268-ae26-b58af0b5295a&bid=1e2n4ou

70 B
440 B

48ms
47ms

Image
image/gif

44.196.77.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=fd57826b-caa1-4268-ae26-b58af0b5295a&bid=1e2n4ou
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jul 2024 17:34:37 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=fd57826b-caa1-4268-ae26-b58af0b5295a&bid=1e2n4ou
date: Sun, 28 Jul 2024 17:34:37 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.3&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=Vz%2FbJWamgSzMu3ZvOTP%2BOA%3D%3D&us_privacy=&33random=1722188076919.3&cat=33across
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=6c855afa-5dec-4870-842b-652cc7f2b65b&bid=1e2n4ou

70 B
440 B

51ms
46ms

Image
image/gif

44.196.77.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6c855afa-5dec-4870-842b-652cc7f2b65b&bid=1e2n4ou
Requested by: Host: villagereturn.com
URL: https://villagereturn.com/
Protocol: HTTP/1.1
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jul 2024 17:34:37 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=6c855afa-5dec-4870-842b-652cc7f2b65b&bid=1e2n4ou
date: Sun, 28 Jul 2024 17:34:37 GMT
server: Kestrel
content-length: 191

GET
H3 200 page.php
www.facebook.com/v2.7/plugins/ Frame 3717 0
0 640ms
639ms Document
text/html 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/page.php?app_id=577018195656213&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f2c1df458172ccc%26domain%3Dvillagereturn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvillagereturn.com%252Ff49e60cb89cbd9595%26relation%3Dparent.parent&container_width=496&height=214&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Flineage2village&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=false&width=496

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=fca69d593c839ee33a33a9a24af14efa

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jul 2024 17:34:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396741473867261687"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396741473867261687", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=40, mss=1232, tbw=31923, tp=42, tpl=0, uplat=595, ullat=0
x-fb-debug: 8Od4wqG16ccFO0Ub2/uKxP79tnBqX/kO+vSNd8oMHQ3umTmcGX4EkEJlH7AtjeeT+k8nAnSffMTztWSJLCz4Dw==
x-fb-server-load: 27
x-xss-protection: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 188ms
92ms XHR
application/json 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jul 2024 17:34:39 GMT
content-encoding: gzip
via: 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jul 2024 18:07:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: IgqV2QoWg9KO6TSKcEHTaUzqkk1kkU1dW8UI6BbyBmGiwJhZXkTIxA==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 528 B
1 KB 709ms
112ms XHR
application/json 107.23.203.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.203.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-203-136.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 33594a9666f87c63fc54cd84159fc1d12c6f219e881055ad60e706ec2366f840

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Jul 2024 17:34:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://villagereturn.com
cache-control: no-cache
x-server: 10.40.51.63
access-control-allow-credentials: true
content-length: 528
expires: 0

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame BD8B 0
0 40ms
40ms Document
text/html 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://villagereturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 79172
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 27 Jul 2024 19:35:08 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
x-amz-cf-id: I86as8pn0OlqKjpcM35QS5OUMVKddpW6fc9SiKMYSigxkTqqwuuCAA==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK favicon.ico
villagereturn.com/imgs/ 1 KB
1 KB 45ms
44ms Other
image/x-icon 198.50.167.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://villagereturn.com/imgs/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.50.167.39 , Canada, ASN16276 (OVH, FR),
Reverse DNS: bhs-panel.01.heavyhost.com.br
Software: nginx /
Resource Hash: 325dc5a627f51b0e8ddf21a22f9d3341e4e6b50755b288d89c56fe083be336bf

Request headers

Referer: https://villagereturn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 17:34:42 GMT
Content-Encoding: br
Last-Modified: Sat, 23 Sep 2023 04:40:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Quicksand

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
villagereturn.com/	1969-12-31 23:59:59	Name: 697b9d9f9fb3b3b910fad6dda8b1a3b5 Value: 7761f7500bc65dd011a38a42b23ae6d9
villagereturn.com/	1970-01-20 23:06:20	Name: atualstudio_language Value: en
villagereturn.com/	1970-01-20 22:24:34	Name: atualstudioPopup Value: yes
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: 6aa24c93288b5a96c350710248710b2e185db0de-1722188075
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: TPm_qd1FhXZx8gdnPx7PamOzNjcPmOqqa9fuVzApVcg-1722188075829-0.0.1.1-604800000
.dtscout.com/	1970-01-20 22:23:13	Name: m Value: 1
.dtscout.com/	1970-01-20 22:23:11	Name: st Value: 1
.dtscout.com/	1970-01-21 00:47:08	Name: df Value: 1722188075
.dtscout.com/	1970-01-21 00:31:17	Name: l Value: 4C30172218807568906EA290F5B6BEAB
.villagereturn.com/	1970-01-21 00:28:24	Name: __dtsu Value: 4C30172218807568906EA290F5B6BEAB
.dtscdn.com/	1970-01-21 02:40:53	Name: uid Value: 4C30172218807568906EA290F5B6BEAB
.lijit.com/	1970-01-20 22:24:34	Name: lijitAcc3PC Value: 1
.sharethis.com/	1970-01-21 07:08:44	Name: __stid Value: ZGAACmamgSwAAAAINkX2Aw==
.sharethis.com/	1970-01-21 07:08:44	Name: __stidv Value: 2
.onaudience.com/	1970-01-21 07:08:44	Name: cookie Value: 11b4f561f3ca93a1
.onaudience.com/	1970-01-20 22:24:34	Name: done_redirects109 Value: 1
.tynt.com/	1970-01-21 07:08:44	Name: uid Value: Vz/bJWamgSzMu3ZvOTP+OA==
.tynt.com/	1970-01-21 00:32:44	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1722188076919%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1722188076919%7D%5D
.discord.com/	1970-01-21 07:08:44	Name: cf_clearance Value: 2Ra3JrS1DlNbo.Y7BbCFGVlzpK50QwCt2naVEE6r9Nk-1722188077-1.0.1.1-RqbxSMFBRdxJkK9c0NLQsM_dU5JRANoXImq1qyspO8cplkSeGcr4K7KcATC5wJ8VULwiJd46CEsWUbZwUHXQcQ
.t.sharethis.com/	1970-01-20 22:43:17	Name: pxcelPage_default_c010_C Value: 1_0_1722188077217
.exelator.com/	1970-01-21 01:15:56	Name: EE Value: "927ec54038fc370032453a9032638951"
.ml314.com/	1970-01-21 07:08:44	Name: pi Value: 3645896182392160280
.exelator.com/	1970-01-21 01:15:56	Name: ud Value: "eJxrXxzq6XKLQcHSyDw12dTEwNgiLdnY3MDA2MjE1DjREkibGVtYmhouLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxYbGpktyS%252FKTF%252Fk7Li4KCWNYVFJ8angE7UmADRqKLs%253D"
.bluekai.com/	1970-01-21 02:48:05	Name: bku Value: 5RW99YtOoZRVe9XP
.bluekai.com/	1970-01-21 02:48:05	Name: bkpa Value: KJy9/9e4d02pSUHknp1p1Exhw0jojeNA1e1NRpJC1MQTBe5MmVHA9yYElxMi
.eyeota.net/	1970-01-21 07:08:44	Name: mako_uid Value: 190fa689a59-21010000010a4b23
.eyeota.net/	1970-01-20 22:23:08	Name: SERVERID Value: 19235~DM
.rlcdn.com/	1970-01-21 07:08:44	Name: rlas3 Value: Kco19C/+E8ZFVhEp+brHPUSKqOYVSAWuP3nxCuHw9tw=
.rlcdn.com/	1970-01-20 23:49:32	Name: pxrc Value: CK2CmrUGEgUI6AcQABIFCNtOEAA=
.adsrvr.org/	1970-01-21 07:08:44	Name: TDID Value: ac515460-c343-462a-848f-dbbc33e9905b
.crwdcntrl.net/	1970-01-21 04:51:54	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:51:54	Name: _cc_id Value: 532a9ba2d2b8a19a6be001ce22fa66f2
.crwdcntrl.net/	1970-01-21 04:51:56	Name: _cc_cc Value: "ACZ4nGNQMDU2SrRMSjRKMUqySDS0TDRLSjUwMExONTJKSzQzSzNiAIK0ZY36DHDAfe7oIWbGj7IM%2FxkZGZb%2FKYQxb5x6xAZjX0JiP3nxURfGPrx4DguMvWvdU24Y%2B3rXVBMYe%2FIJdRjzPJLynxunwNkAqJQ6ZA%3D%3D"
.crwdcntrl.net/	1970-01-21 04:51:56	Name: _cc_aud Value: "ABR4nGNgYGBIW9aozwADzAwMXDPArEWtIJLxYT2QBABaDATq"
.villagereturn.com/	1970-01-21 04:51:56	Name: _cc_id Value: 532a9ba2d2b8a19a6be001ce22fa66f2
.villagereturn.com/	1970-01-21 04:51:56	Name: _cc_cc Value: ACZ4nGNQMDU2SrRMSjRKMUqySDS0TDRLSjUwMExONTJKSzQzSzNiAIK0ZY36DHDAfe7oIWbGj7IM%2FxkZGZb%2FKYQxb5x6xAZjX0JiP3nxURfGPrx4DguMvWvdU24Y%2B3rXVBMYe%2FIJdRjzPJLynxunwNkAqJQ6ZA%3D%3D
.villagereturn.com/	1970-01-21 04:51:56	Name: _cc_aud Value: ABR4nGNgYGBIW9aozwADzAwMXDPArEWtIJLxYT2QBABaDATq
.villagereturn.com/	1970-01-20 22:24:34	Name: panoramaId_expiry Value: 1722274479054
.rubiconproject.com/	1970-01-21 07:08:44	Name: audit_p Value: 1\|N3q25adRWlU/+QquPtrD231NbmCQ9Ch7jPA2kZ/quSPsf3zahXrs4ffXhMtRsp5IddP2HLg0M9/yUhTWCqUS/D1eMj+H8dOHmLa1SzrMtAps2tX6mI9AEo7efRRNW8/h+URrjHw7EwCJuK3eIvBJZ2Dw8Z8vTu4Tk50LKQzdh9Q=
.rubiconproject.com/	1970-01-21 07:08:44	Name: khaos Value: LZ5UBEXI-H-66SR
.rubiconproject.com/	1970-01-21 07:08:44	Name: khaos_p Value: LZ5UBEXI-H-66SR
.rubiconproject.com/	1970-01-21 07:08:44	Name: audit Value: 1\|N3q25adRWlU/+QquPtrD231NbmCQ9Ch7jPA2kZ/quSPsf3zahXrs4ffXhMtRsp5IddP2HLg0M9/yUhTWCqUS/D1eMj+H8dOHmLa1SzrMtAps2tX6mI9AEo7efRRNW8/h+URrjHw7EwCJuK3eIvBJZ2Dw8Z8vTu4Tk50LKQzdh9Q=
.adnxs.com/	1970-01-21 07:59:08	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:59:08	Name: IDE Value: AHWqTUliQvz8kgZ3LJ_Ywuj064go1PT0AaV0oXUKSzjJOznktxBtY5Ek8PbpsnG03LA
.amazon-adsystem.com/	1970-01-21 04:18:48	Name: ad-id Value: A5y2PKaRnURaoCQpwhd0kGQ
.amazon-adsystem.com/	1970-01-21 07:59:08	Name: ad-privacy Value: 0
.tapad.com/	1970-01-20 23:49:32	Name: TapAd_TS Value: 1722188080118
.tapad.com/	1970-01-20 23:49:32	Name: TapAd_DID Value: 48e6d0f0-8798-4332-b26f-3e9076cf2ca6
.smartadserver.com/	1970-01-21 07:08:44	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 07:08:44	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.pubmatic.com/	1970-01-20 22:24:34	Name: KTPCACOOKIE Value: YES
.smartadserver.com/	1970-01-21 07:08:44	Name: pid Value: 3400701431382400611
.truoptik.com/	1970-01-21 07:08:44	Name: to_master_s Value: 4f80a06532b5dc551a7c7f5ca627ad7c
.truoptik.com/	1970-01-21 07:08:44	Name: to_version_s Value: b2
.pubmatic.com/	1970-01-21 07:08:44	Name: KADUSERCOOKIE Value: F284C305-E039-4232-A465-4A98A64ED522
.adsrvr.org/	1970-01-21 07:08:44	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi46LT5ss2XPRAFGAEgASgCMgsI9t23psnNlz0QBTgBWgV0YXBhZGAC
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 43
sync.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id Value: s%3A0-eaba7a2f-4acf-5173-4b2c-6c77719b90b2.SEgIAcF90X8MmfoQtHZ6tMTbQkxEZTtv5n1g8JtCRgs
.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id Value: s%3A0-eaba7a2f-4acf-5173-4b2c-6c77719b90b2.SEgIAcF90X8MmfoQtHZ6tMTbQkxEZTtv5n1g8JtCRgs
sync.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id-v2 Value: s%3A6rp6L0rPUXNLLGx3cZuQspVYEPQ.%2BZ4Cor4c%2BlChOwsIysKWHIHLXixWFIJSaHXGidU8e7A
.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id-v2 Value: s%3A6rp6L0rPUXNLLGx3cZuQspVYEPQ.%2BZ4Cor4c%2BlChOwsIysKWHIHLXixWFIJSaHXGidU8e7A
sync.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id-v3 Value: s%3AAQAKIN_hn1bSj_grmm7iaBlwYiowoRc_tU-Jksl_GVkm86XwEGcYBCCwgpq1BjABOgTwTC9rQgQpk6UV.V8XihESAMX3uLR9l3TdG3TTrxbdeiNRZNjKukh2Jw6g
.srv.stackadapt.com/	1970-01-21 07:08:44	Name: sa-user-id-v3 Value: s%3AAQAKIN_hn1bSj_grmm7iaBlwYiowoRc_tU-Jksl_GVkm86XwEGcYBCCwgpq1BjABOgTwTC9rQgQpk6UV.V8XihESAMX3uLR9l3TdG3TTrxbdeiNRZNjKukh2Jw6g
.turn.com/	1970-01-21 02:42:20	Name: uid Value: 8636442686567782988
.tapad.com/	1970-01-20 23:49:32	Name: TapAd_3WAY_SYNCS Value: 1!5057
.demdex.net/	1970-01-21 02:42:20	Name: demdex Value: 56276365904042598023503071138316151289
.c.cintnetworks.com/	1970-01-20 22:23:11	Name: TiPMix Value: 23.36514827742553
.c.cintnetworks.com/	1970-01-20 22:23:11	Name: x-ms-routing-name Value: self
.sitescout.com/	1970-01-21 07:08:44	Name: ssi Value: d127741e-c235-4f44-b96c-8ed683b9fe62#1722188080643
.dpm.demdex.net/	1970-01-21 02:42:20	Name: dpm Value: 56276365904042598023503071138316151289
.sitescout.com/	1970-01-20 23:06:20	Name: _ssuma Value: eyI3IjoxNzIyMTg4MDgwNjk2fQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://villagereturn.com/(Line 186) Message: Mixed Content: The page at 'https://villagereturn.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Quicksand'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.tynt.com
connect.facebook.net
de.tynt.com
discord.com
fonts.googleapis.com
ic.tynt.com
match.adsrvr.org
pd.sharethis.com
pixel.onaudience.com
ps.eyeota.net
pxdrop.lijit.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
villagereturn.com
whos.amung.us
widgets.amung.us
www.facebook.com
www.flagcounter.me
fonts.googleapis.com
104.18.35.167
104.22.75.171
104.26.13.60
107.23.203.136
108.138.128.46
141.101.120.10
157.240.229.1
157.240.229.35
162.159.137.232
172.64.153.173
198.50.167.39
23.223.252.212
23.48.104.70
23.48.104.77
23.48.104.81
3.14.208.197
35.71.131.137
37.97.241.10
44.196.77.126
54.38.113.3
67.202.105.31
67.202.105.33
080ded3bffb7fc8049d4464fd574ad415a33e2e76705db739445be8480ccdf90
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0a3bc22740ff890c5c91c45865bbbe02b3ec506493a122d86f1fc09e47b54c7c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b6996e8b32bcd1a7fba39a9af28aa26e5bb35e178635890adb5786e04052b4d
0dce21b600554140a38b6a87798d5808d55bfeb6926fbf15ea50fd0a8ca34fe4
0f32eea13f5bccef03595e391fb7e5b6ada9f777d66ce1a1ca7fff805c6b566c
0f96a1e3511e4d0b0d9e7a450f783ee4b2ad7ff402cefd9a0db491747e0381fa
21188ec2f6077ec39c5cc94dc5089aa44c14bec8d3a5a5b028d1aab24a86a7ed
2459d6c8b93ed9057696fc816e6d9930e7796c814e8e71882ac963688c5a79f5
2493cf0739fdff231f00a73e6795c036953ec31e695d060f0c8d791cba38e870
325dc5a627f51b0e8ddf21a22f9d3341e4e6b50755b288d89c56fe083be336bf
33594a9666f87c63fc54cd84159fc1d12c6f219e881055ad60e706ec2366f840
3487cfbc5cad042aa2dfac06d68796acd8c818e4c74addeaab18c6ae8dc31886
3509aa114acfa3f9ef05a52b3917bfe7500be8e74e5be5b792c30a29fd1114b1
379fa2f62be955ac487a7f813f8a6bc8f920b37ef3daa0fe6385775210119fc2
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3a97eec6171125653a6239bc96fa5ba712c6141b174697669d7064e131538d56
3b92ff14072ef61d027ca3ba06ca39a28c8b30d874f5ef0d625cfe32a764018a
49735c5110698f8cd8a1bff14e0803d0144863467e6dfcd3c86d49731f192bcf
58e7e418ab6da40ff19a81e9e3ef4a8017d89d55289e34668e3cfe009b874e00
5c8e63c24630c1a6870b75ea416e5d6e63c9950086961dec67655b79b6d3cf1e
5d26e96ea7495fa0428e74ae5e35d1136996b064d8df82011a14d619dc5e52e2
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d007713545992cc6046b36fdce45e68e34b1c1f5662401c31446a3654a983c
80ae1dc45b75a1a271623c9ef7f705d4ffa57aafc58953918973170138460d4a
82a4ba500b0f82acf96a7bb1ba00ef639ea7be4cafc58cc57012fa3985c103cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
85de7db8be726a888a574a6a29609afff2a24eec4d788f57e482cca48a8de1d3
8bc3fe82fa1b9659c2078976dace23f622c10f377a66a666e3143f813bb5aaba
8c084e5500746896043a25e22700aa105e405d87c0a9aee260c8077752818e01
9606eaef759bc38c1e01cebb90f999f37fdf1d32bcebfa6061c014084f2d2671
981e3a52834f5b7d33639c1e2992f22aed020d38da597c3bdf95e2d59d7bcecb
9ba707da1f9b931e32975ea6f31ec6ecad035c3b83dc7355ef8b2418c16c54ec
9c5e00c0475c9e7b303922a2893fd52398a2404bde712c0eacb12927fed72228
a26a64b388b452fb9cd3ff7148d90fe662ea1b6d9d0307828645e804c6592fdd
a4f75591bf170273d05ce80f6b9cfb1c8462c6336623b40126251331605eb267
a5a403a0fbc1141f211b8bef5edb29fd93cb49a45db1f2511070e77d0a845ba7
a93773aabfd438bda009d4b023cd09838dd220976ab189da945042bdccff4353
ad22e5051132608789bee3258d53e09de2c7cfc2f7c7783c941529238a9cbb2d
ad8f8cd6691d27b2351f7b2e0fd8523117407a6b4661c28532fbc524136c929b
afb05c8c7740cc08eab340787e6d3e6828b62a23fbbb24d71a1940272f03c5cc
bb44c4cb430b9c92806843d8c70840217565fc3d6f74a47e4c0486f368b4ad25
be19a398e6865f376efa69efb053ec7dd0d10b4a0ebb044c3d36139f9a2b4247
bfeb3b20ba9ec342d7fdcdf505b473b920b1e5462aa06478c91920f64e59e3c6
c56e1968b1aaa3927f4222729a5fe20b722f4c4e942e76833e58577100549df3
cafa160c3bd131680383506432600bc71566d8c0880201f182cfb9dd5eedaf5e
cf312d1a99d8dc2e1f6a6040815681b6e2508ea5aa68073c1059a09abe396f76
d3d913ae9efc64ab4daf3db8cf900dd5dca38d9554ea6db7914540b0b19a5d23
d6ae5231f149d296ae6c0509eacb083e0a92b549595a2d2c662a5189a6482c45
da3317dc22080a10e06c3eeadc7cc723ad5b18d8c9b200aad3701af3eec9ece8
dba3a260ff0091d786ee84c7030028d53efba49cc91bef847a3b18e237928e93
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d7124548c4df584e61c7f387a98495579902d6159e96fcffb92d0f9392fac4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c27d87b7826fa4e3780733ef2f4b5d2a7dbc9fdda6c2864d2c643ddfe8e918
f97323f5f612fce17b933c6b89b2563161f4c8adbd6396c897cbe949b3fa2be4
fb487c970b6a254eab7ea2ef8c3392d91856ea1c7192e80c52c512acec38c9aa
fbd264de9fafc7ef7a2a52ad7439ae5b07f263fd182abdef1deab71a07146082

villagereturn.com Open in urlscan Pro 198.50.167.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

94 %HTTPS

0 %IPv6

18 Domains

23 Subdomains

21 IPs

5 Countries

1937 kBTransfer

2401 kBSize

71 Cookies

3 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

villagereturn.com Open in urlscan Pro
198.50.167.39 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

21
IPs

5
Countries

1937 kB
Transfer

2401 kB
Size

71
Cookies

71 HTTP transactions
1 data transactions