Submitted URL: http://returnsouls.com/
Effective URL: https://returnsouls.com/
Submission Tags: https://phish.report @phish_report
Submission: On March 11 via api from FI — Scanned from FI

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 70 HTTP transactions. The main IP is 34.132.134.162, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is returnsouls.com.
TLS certificate: Issued by R3 on March 9th 2023. Valid for: 3 months.
This is the only time returnsouls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
24 (1 redirect) | 34.132.134.162 | 396982 (GOOGLE-CL...)
1 | 162.159.134.42 | 13335 (CLOUDFLAR...)
1 | 173.231.16.76 | 18450 (WEBNX)
8 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 (1 redirect) | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
4 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 18.193.99.219 | 16509 (AMAZON-02)
20 | 162.159.130.232 | 13335 (CLOUDFLAR...)
1 | 52.18.63.80 | 16509 (AMAZON-02)
4 | 162.159.136.232 | 13335 (CLOUDFLAR...)
Total: 70 requests, 13 IPs

Requests | Apex Domain | Subdomains | Transfer
24 | returnsouls.com | returnsouls.com | 2 MB
20 | discordapp.net | media.discordapp.net — Cisco Umbrella Rank: 5873 | 8 MB
8 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 82 | 808 KB
4 | discord.com | discord.com — Cisco Umbrella Rank: 2322 | 2 KB
4 | googleapis.com | jnn-pa.googleapis.com — Cisco Umbrella Rank: 215 | 31 KB
3 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 32; static.doubleclick.net — Cisco Umbrella Rank: 241 | 1 KB
2 | ipdata.co | api.ipdata.co — Cisco Umbrella Rank: 33917 | 2 KB
2 | onesignal.com | cdn.onesignal.com — Cisco Umbrella Rank: 3531; onesignal.com — Cisco Umbrella Rank: 1362 | 70 KB
2 | gstatic.com | fonts.gstatic.com | 31 KB
1 | canarytokens.com | canarytokens.com — Cisco Umbrella Rank: 519505 | 238 B
1 | ipify.org | api.ipify.org — Cisco Umbrella Rank: 2634 | 106 B
1 | playtonicgames.com | www.playtonicgames.com | 2 KB
Total: 70 requests, 12 domains

Requests | Domain | Requested by
24 | returnsouls.com (1 redirects) | returnsouls.com
20 | media.discordapp.net | returnsouls.com
8 | www.youtube.com | returnsouls.com, www.youtube.com
4 | discord.com | returnsouls.com
4 | jnn-pa.googleapis.com | www.youtube.com
2 | api.ipdata.co | returnsouls.com
2 | googleads.g.doubleclick.net (1 redirects) | returnsouls.com
2 | fonts.gstatic.com | www.youtube.com
1 | canarytokens.com | returnsouls.com
1 | onesignal.com | cdn.onesignal.com
1 | cdn.onesignal.com | returnsouls.com
1 | static.doubleclick.net | www.youtube.com
1 | api.ipify.org | returnsouls.com
1 | www.playtonicgames.com | returnsouls.com
Total: 70 requests, 14 subdomains

This site contains links to these domains.

Domain
browsehappy.com
twitter.com
www.twitch.tv
www.youtube.com
www.mediafire.com
www.cookieyes.com

Subject | Issuer | Validity | Valid
returnsouls.com | R3 | 2023-03-09 - 2023-06-07 | 3 months
playtonicgames.com | Cloudflare Inc ECC CA-3 | 2022-10-18 - 2023-10-17 | a year
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 - 2024-02-18 | a year
*.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-03 - 2023-06-02 | a year
api.ipdata.co | Amazon RSA 2048 M01 | 2023-02-13 - 2023-11-20 | 9 months
discordapp.net | Cloudflare Inc ECC CA-3 | 2022-10-03 - 2023-10-03 | a year
canarytokens.org | R3 | 2023-01-15 - 2023-04-15 | 3 months

This page contains 2 frames:

Primary Page: https://returnsouls.com/
Frame ID: 02DC652B85BFAC92FE128CFB503B5A81
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
Frame ID: D92E0A796748D52EC34340AAD190507C
Requests: 14 HTTP requests in this frame

Page Title

Return Souls - The best RPG!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <[^>]+class="[^"]*(?:uk-container|uk-section)

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70 Requests
99 % HTTPS
46 % IPv6
12 Domains
14 Subdomains
13 IPs
4 Countries
11415 kB Transfer
13876 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://returnsouls.com/ HTTP 308
    https://returnsouls.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

70 HTTP transactions

Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
174012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D92E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
249512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/21246a91/www-embed-player.vflset/ Frame D92E
345 KB
107 KB
Script
General
Full URL
https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d1e389efacae77b03ff9bffaa6ce790b9da9d9fc1e8aa8bb4ab39b5bfb72c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109885
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 15:44:32 GMT
base.js
www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/ Frame D92E
2 MB
609 KB
Script
General
Full URL
https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255bd2a670a1faef27c3d7e3a0b3254e3ab8bd64a4ea86fab5a8854365d9a027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 16:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
85333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
623290
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 09 Mar 2024 16:05:03 GMT
fetch-polyfill.js
www.youtube.com/s/player/21246a91/fetch-polyfill.vflset/ Frame D92E
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/21246a91/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 14:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
4751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 10 Mar 2024 14:28:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D92E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92f5e953cbbe8670be95f981b0701b694e576e270037e67e887d428545b06afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 11 Mar 2023 15:47:16 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D92E
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:35:06 GMT
x-content-type-options
nosniff
age
730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Mar 2023 15:50:06 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 11 Mar 2023 15:47:16 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D92E
66 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b955a67aafa850599e5baf97ff3e13f686e995864c79cb09b07a860f6b828b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 11 Mar 2023 15:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30967
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame D92E
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?cpn=dyxlYQ3A5g1qpt3L&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24415864%2C24416291%2C24428818%2C24439361%2C24447748%2C24450350%2C24450367%2C24451033%2C24456736%2C24467287%2C24470891%2C24481771%2C24482081%2C24482667%2C24483085%2C24487104%2C24487565%2C24488210%2C24495841%2C39323074&cl=514252814&seq=1&event=streamingstats&docid=dq0oLaqUcQ8&cbr=Chrome&cbrver=111.0.5563.64&c=WEB_EMBEDDED_PLAYER&cver=1.20230305.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:1;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
X-YouTube-Client-Version
1.20230305.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtidzFUSWdqdFBudyiExbKgBg%3D%3D
X-YouTube-Ad-Signals
dt=1678549636492&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sat, 11 Mar 2023 15:47:16 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/ Frame D92E
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b239632fdffb42b7488fbbf72a412fabc0084f2ba86652e43dff515b3a9f7aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
78910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8608
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 01:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 09 Mar 2024 17:52:06 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/cdn.onesignal.com/sdks/OneSignalSDK6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1392
etag
W/"725985d8b3cb9e8905cfe4c97cc83600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a64ef5d98aad91e-HEL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 14 Mar 2023 15:47:16 GMT
web
onesignal.com/api/v1/sync/5d7039b9-f829-4492-ba65-f2338fead40c/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/5d7039b9-f829-4492-ba65-f2338fead40c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49de64c52af4a214101fc35560b38abdeac2877851c88312d942028f46dcd9c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
cf-polished
origSize=3405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c645e7ec-4db0-4c34-990e-badb329eec6f
x-runtime
0.038969
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"502d297f717c7d4b7020f5a3333d7e32"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7a64ef5e5a8cd91e-HEL
access-control-allow-headers
SDK-Version
expires
Sat, 11 Mar 2023 16:47:16 GMT
/
api.ipdata.co/
1 KB
957 B
Fetch
General
Full URL
https://api.ipdata.co/?api-key=f9c6dbbf5fbce305ac584ead017fc8c2278e99bce2e7d798ec960f7e
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.99.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-99-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3ab69b60d8d618e4a5d33567941039aeb205920adaf92e3d209fc8db79247a83

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
content-encoding
gzip
x-amzn-requestid
d8362e2f-3679-450c-ada7-eab1307930b2
x-amzn-trace-id
Root=1-640ca285-5678c2c657fcc1c33d4941e3;Sampled=0
access-control-allow-methods
OPTIONS,POST,GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-apigw-id
Bn5U1HWMliAFjRw=
content-length
647
access-control-allow-headers
Content-Type
unknown.png
returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/
336 KB
336 KB
Fetch
General
Full URL
https://returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/unknown.png?nometa&info=sirv_image_info_982313423_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
9b96edadd1da7e5af58a27b20607a15d1efd57461b743ba84d4e6a81d6c84f72

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Mar 2023 15:47:17 GMT
replit-cluster
global
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
344089
content-type
image/png
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045789969983230022/
302 KB
303 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045789969983230022/unknown.png?nometa&info=sirv_image_info_291436091_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dba910ff2fdea1a9fe49fb5a423eeeb0e1ada61a67339daddaac82d1ec67cb1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:55:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeKj0jcCNQGBpU4xNQ%2BNhYM4elMAhKbgRA3iIe5X4hqVAiSpm4%2FrmoxVtpJiI8HggNxO1fmJPsK9Yl8Ve6BjzS2LMIQZnCiTAQPjqSzwc2%2BTFPqowjhM4WdkzHmVg6a7qJRS%2FiLi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a082d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
309488
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790517419573348/
898 KB
899 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790517419573348/unknown.png?nometa&info=sirv_image_info_96441023_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55243a4e4f6d8f47049b8f8a0774d784e6f73d272b31b6c86ae5ba689f7a88b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1Cd56%2Bj12WnwiLO%2FGdO7fy1fOmd9TkrtrSJQ5DvdNmFx92ogy9VkWRJ77KrQZDFD8%2FfFM8yYo342NGJVjmh8oOSPvk4zkIO%2FKuapd8fNKxRnUD7jug5wFJKuGoGbWicqXzL5fDq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a0a2d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
919046
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790188154138624/
317 KB
318 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ed4095efc3dc5814a53f3e8f76fce3352975cc77987db607a22e594a622b1a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-length
324738
last-modified
Fri, 25 Nov 2022 19:56:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY6xX0P8ciauMOmUDhumSYWrAXoZD2eX12XnwnGN0GjDxRkVUQgRTQLZYBvDvV85VJR4uz4WQD7s5C6neYMWEz7EtDq4Hpe%2BPXFVvmfoTctgWqV2cL4Iv%2BTXpM8Rq%2BExXQi0d0St"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a0c2d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790159628668928/
315 KB
316 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790159628668928/unknown.png?nometa&info=sirv_image_info_2567033446_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040552744ecd39360431054859c01037f403b4a7ebba6eadb75b8f8b938d8922

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:56:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prqdlnuiNSnK2Z%2FlSIpBqrWh5OkaJQrg6SOxixXnoRw%2BxCtZetztI7R0%2B77O%2Ff96VeeCWnzJ4midA8%2FGcofEEydjb38IxWGnKjypTaN3ct%2FWtzXhyt5KbazaSWHXTTw6r%2BXl%2BS%2B4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a0e2d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
322981
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790188154138624/
317 KB
318 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ed4095efc3dc5814a53f3e8f76fce3352975cc77987db607a22e594a622b1a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZD0okce5HHeXF7aizVt%2BFWwZjWzP0Y0PYwaYu%2FQDPuBzCTOu21cj0gqXBsf8bOM7gKC2wD7o29Wfoa%2Fz3kKQRG8fFJ6hpeFCjl5mk9oZRKwztzCSzMSN3lqckogcmWTosmgdCzyv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a102d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
324738
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790534846926959/
475 KB
476 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790534846926959/unknown.png?nometa&info=sirv_image_info_1372417916_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619c8a1213c66ffdb3150b376ba3874a0b90377b3bf5f0a8f9a232a8075c09a1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:58:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAYSvkWKZcfh5NkKXceNiopkbGee%2FlDz7DJtGBZWSXKEGscQHqzsPLCqEMc3GPf4nWfwqHP1Qx8kEh7W4PYt5b7AI34g9O67cV%2BsH%2BgIf5xJbn7J4%2FnaQZhUK914eZp0yzSR4Tpz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a112d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
486648
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790545739526144/
375 KB
376 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790545739526144/unknown.png?nometa&info=sirv_image_info_3396487063_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eab1c2fadeb6c102c79a24c51aaccb8ec1f312d465651278463460fbb6ff7ee

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:58:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GfyQZMGfLL3Ti4mo7Jm5gbh84JREiW0d%2BC2%2FINdr2sTaQaC9gRcGsOwRlomRfizzrqY3jlRcMiW9j7SSu1yj%2Bnvd9qQT4uktMwfdtfWBsZOphrBXNIKCVgutSLLuVF88XShbR%2B3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a132d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
384367
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045802183720964186/
119 KB
119 KB
Fetch
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045802183720964186/unknown.png?nometa&info=sirv_image_info_817416101_main
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046bf6e873555a172c41be2b827d651672db5a784331188088c19b1b194ff2a8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 20:44:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEtB9yyYXYQTnUIJI1yTuHQ9049Yr%2BG6uyJEzY6ZXGrqfLZyfmdUxxcB9AUkT6oP%2BjhWglm6QTjLbUICeqTNf%2FZDIKds2uWI%2B1VwfXY8EuyZ64M6HP4jQbtI8Vzf1T9ErSXHTkdr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef5f4a142d5f-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
121901
expires
Sun, 10 Mar 2024 15:47:17 GMT
0grfo6bh0wcepfnk01gmkw45n.jpg
canarytokens.com/
43 B
238 B
Image
General
Full URL
https://canarytokens.com/0grfo6bh0wcepfnk01gmkw45n.jpg?l=https://returnsouls.com/&amp;r=
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.18.63.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-63-80.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 11 Mar 2023 15:47:17 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D92E
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db9849c26a1a6d16c276930b0cb96b6973ca49d75ccee1060f47beea827073bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 11 Mar 2023 15:47:17 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
discord.com/api/webhooks/1083815969832579162/ Frame
0
0
Preflight
General
Full URL
https://discord.com/api/webhooks/1083815969832579162/3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returnsouls.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
access-control-allow-origin
https://returnsouls.com
allow
HEAD, OPTIONS, GET, DELETE, PATCH, POST
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a64ef60ff412d9e-ARN
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 11 Mar 2023 15:47:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgHVdes90s9C5pRFQiJVQxJ4s%2FSm7YVxN7R8oCZXGHed38xHq%2BEpvacxBHyOKFdv10DjtDnfBafhH6uvjQzGmmjLNabcGjt3d%2B241vBVFlsQnyuhSkcbsQO1SdcH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
discord.com/api/webhooks/1083815969832579162/
0
748 B
XHR
General
Full URL
https://discord.com/api/webhooks/1083815969832579162/3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returnsouls.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-ratelimit-bucket
3d2712a9e4fe17cc9d3fed4a8e672e5f
x-ratelimit-reset-after
1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
4
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://returnsouls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6glXK2Y0G%2FlrqJ90bgPwJwUrfYmu0pCfgRCwX1yYoJThyt%2F%2BB86LHxn2LT69dxpr6Vi0A9xS2KqQ%2F7oltM7jg7mRmN%2FQs8NeYPdtd1QoR%2B%2F1ixGh8OuuFfKNUTB"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date
access-control-allow-credentials
true
x-ratelimit-reset
1678549638
x-ratelimit-limit
5
cf-ray
7a64ef6228f12d9e-ARN
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision
unknown.png
returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/
336 KB
336 KB
Script
General
Full URL
https://returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/unknown.png?nometa&info=sirv_image_info_982313423_main&callback=image_info_733045
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
e4f82f5153c31149e7c2e4a7ab7bbf29ff48a0456681cb665d8ec11fb408e374

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Mar 2023 15:47:17 GMT
replit-cluster
global
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
344089
content-type
image/png
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045802183720964186/
119 KB
120 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045802183720964186/unknown.png?nometa&info=sirv_image_info_817416101_main&callback=image_info_5376146
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed55a760af167d867ed85b54b2ab4f2692dae9f9c998214891aac2d4515b02ee

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 20:44:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytMeyJAVcduHy%2BRvk1%2FoiQE4vkkYZKq4RyauF5CGzF4d1GDIBBhbWazL%2Bv2jZxPOMzZNPo1b6wRBdgeTHJn1lj9q1jZ4otLXMY3fo2RpzaQeFkLtfw7LiFoH9BHsafkgxFNMKuwL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef623996169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
121901
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045789969983230022/
302 KB
303 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045789969983230022/unknown.png?nometa&info=sirv_image_info_291436091_main&callback=image_info_8845869
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63dd7984465c6d616a314750f5290447e154e370901e74247e73146e4b2fd419

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:55:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFkwZEOyN6bqFyK7stj%2B5crjO7MFaZXpvq9Kf6LXGRuSUK2nJOlTrKRFkuWLUzqG8pyloMa3Ud0%2BUU3%2BXhp21Lgz0xKa9xDXEd1LXGEFQgiq91rit8keUmdfND%2FOkp32P4dzOPHS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef623999169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
309488
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790188154138624/
317 KB
318 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main&callback=image_info_2421711
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12f6b28dda124addf9f6d65ea856a4d7fb6a744c195f9f6bb7a3e61e1871eae

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dy9Q0lC2gDrX6FCxk3JfKMAme4uUMix7sVL02kaHclPhxeTIww002gnxbn6I5m0jxtaCEaITlVo%2BjejaufqGvHzers9cf%2FTsrIuWaZlHr7lxueSrtq%2BNNer%2FqswHTDBrBT%2BrywE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef623997169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
324738
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790159628668928/
315 KB
316 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790159628668928/unknown.png?nometa&info=sirv_image_info_2567033446_main&callback=image_info_5402328
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c260234218fee4ebec48191ca2afd64332ea2348797b98aa4ca9ab16a1e66271

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:56:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otFT6aEuGGW%2BXHRlVZYu6%2BdlAVNloEBH320RciM7sSn6QtMYUBJck94mcjKROciUmmVCdmMkKvS5%2FlpOqS7EVsjz6TN%2Fp7Rr01XevVr8%2BRxhqv%2By9nxZsgH9bEleFLTzRx1Z%2Bpe1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef623998169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
322981
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790545739526144/
375 KB
376 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790545739526144/unknown.png?nometa&info=sirv_image_info_3396487063_main&callback=image_info_6175784
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69413957311c1cdfdfb2c42a6f3f2db9799d42c106c1b7069391796f5ebb0da4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:58:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghuPhaxryTwaxxf1xnLkegRFFBQ6ZnmkK9CxpVIdp%2Fvgwpl7sZZhfn2wS0NAhlfMSO1Oc6hYsXQ%2BU%2BphbHenk5tnASuAvbx%2FtqL0n%2F%2FGhIq%2BqK1J25abNEl7cc8oBbiyFfm%2BoGp4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef62399a169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
384367
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790188154138624/
317 KB
318 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main&callback=image_info_8269130
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12f6b28dda124addf9f6d65ea856a4d7fb6a744c195f9f6bb7a3e61e1871eae

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff1bNwH7%2B5C2AbzHTU2%2Fwgii6nnzxxVLUxLci3GKB%2B%2BL5mF3f15gqYiTaqg%2B4qR8%2BQoRMGZiuBJ4Vcol%2BudcnvzDVAnbsOGmQvoAW%2BQZ62C4QsTr4rAHWJQeuQzOhXQ7E9a5kusp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef62399b169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
324738
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790517419573348/
898 KB
899 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790517419573348/unknown.png?nometa&info=sirv_image_info_96441023_main&callback=image_info_5548331
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c56d96c122a21964d0602e5678e399ac4967aaed2bce39694090347a99e5fda

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRpSkli2Fgy9vcx5jQ4%2BRJTqYLsAkxJtwS2SmyYWxOt1sbr0y9T9fh19ydE%2FTeNiX7gxbNarKbtQZ1fbB55GuMGIsfXQ6AtUD3U77DcGiOP1Qb2U%2F%2F9VkJ2ieS2o0WkeZ3Djl1js"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef62399d169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
919046
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790534846926959/
475 KB
476 KB
Script
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790534846926959/unknown.png?nometa&info=sirv_image_info_1372417916_main&callback=image_info_2469627
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/scripts.sirv.com/sirvjs/v3/sirv6a4d.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e655e0294954c103e6179ec93ee5770e4f57901cd9bc3678d97d95a5ee050eb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:17 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Nov 2022 19:58:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Mfbb6EArhnHg3%2Bl6ZzZJAO5IDbUvtLijhM3ds4fkvsGTC7hoNK0eaJX7lDrv%2BQo1SoP%2FMO0tfUaN9332mJc7g2GKLoMaSMtNs75E6Lz5bbzwf84pV175bsIhv0C9OZPfhB%2BKEWD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef62399f169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
486648
expires
Sun, 10 Mar 2024 15:47:17 GMT
unknown.png
returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/
336 KB
336 KB
Image
General
Full URL
https://returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/unknown.png
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
9b96edadd1da7e5af58a27b20607a15d1efd57461b743ba84d4e6a81d6c84f72

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Mar 2023 15:47:17 GMT
replit-cluster
global
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
344089
content-type
image/png
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790188154138624/
317 KB
318 KB
Image
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ed4095efc3dc5814a53f3e8f76fce3352975cc77987db607a22e594a622b1a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6xE1jhCr1Q2D8ZbI7hYYTdoUCudWbYV3N7fPprMXshdyAUVTDlp8g6L7EpRVu7lj1ry1%2B91en8Sz4NyxmLkLdO5taJmQbwo7axjdxRqHo%2BwybO71JrJlCLKipE3iPIxbNNgD%2BQ2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef64fc01169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
324738
expires
Sun, 10 Mar 2024 15:47:18 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790159628668928/
315 KB
316 KB
Image
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790159628668928/unknown.png
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040552744ecd39360431054859c01037f403b4a7ebba6eadb75b8f8b938d8922

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:56:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXUM8o4t1XUkAZOkJ0yR7%2BbEY6FeRcXtj2LIB9pk7ZQa0J7CJ4mH%2FHas2271Xs0wluZxV2w8ZJSlbCE0ce%2FsYwiWZPBmOOX5Zvan6ALESlbmCFZ94FcHb%2F1%2FMRK8S0u6NvM6IVjb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef653c21169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
322981
expires
Sun, 10 Mar 2024 15:47:18 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045789969983230022/
302 KB
303 KB
Image
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045789969983230022/unknown.png
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dba910ff2fdea1a9fe49fb5a423eeeb0e1ada61a67339daddaac82d1ec67cb1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:55:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yYtAmTVirqQtQDVFLpI5AGnPkWd3G%2FENu8D69LzDuX%2Fdggau%2FtpTEkvC53CeBk54EUo9aAjLDdsP0a9Jlm9%2BFOoqYUNkG0m2VZwhVfSrDOXhs7yBLqMH99A4IClrWgFU0GzQj%2By"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef658c7e169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
309488
expires
Sun, 10 Mar 2024 15:47:18 GMT
unknown.png
media.discordapp.net/attachments/1045789633918808167/1045790517419573348/
898 KB
899 KB
Image
General
Full URL
https://media.discordapp.net/attachments/1045789633918808167/1045790517419573348/unknown.png
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55243a4e4f6d8f47049b8f8a0774d784e6f73d272b31b6c86ae5ba689f7a88b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 19:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJRFwU0CHME1Tywufd%2FYAV2BpjIgWW81vGR0sEOiNlJZqGHWi8aQzHcNRmzoOClLNOFriNBTqc2oxMpPn5WYl%2F9IoPfiTI1LBmMWtJJmaXuW0nDaSD72AQ8l%2BPN4aTnbcmO4hbFl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a64ef668d21169d-ARN
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
919046
expires
Sun, 10 Mar 2024 15:47:18 GMT
/
api.ipdata.co/
1 KB
956 B
Fetch
General
Full URL
https://api.ipdata.co/?api-key=f9c6dbbf5fbce305ac584ead017fc8c2278e99bce2e7d798ec960f7e
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.99.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-99-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8131a26b86409371b9e0c5567c9aa6bbb4432557785b1edb5cbc384b1da76a07

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://returnsouls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
content-encoding
gzip
x-amzn-requestid
06b6c0e3-4a6e-486a-9158-2fc352892075
x-amzn-trace-id
Root=1-640ca286-683ab8da2ecf7b231a5964d1;Sampled=0
access-control-allow-methods
OPTIONS,POST,GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-apigw-id
Bn5VBFFdFiAFrJw=
content-length
647
access-control-allow-headers
Content-Type
3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
discord.com/api/webhooks/1083815969832579162/
0
1 KB
XHR
General
Full URL
https://discord.com/api/webhooks/1083815969832579162/3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
Requested by
Host: returnsouls.com
URL: https://returnsouls.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returnsouls.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-ratelimit-bucket
3d2712a9e4fe17cc9d3fed4a8e672e5f
x-ratelimit-reset-after
1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
4
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://returnsouls.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMZAiosHKvWmP6PGw27jPY4fBKHHmhG7IpwzccnoZMAdDjLW5f42WiuJt8hx1PX7oBFGbBZU82w2xlH%2BwEVP1g4KokBLaw9mZDvxaLfkZRze0CRNT6TjYa9Cb5fw"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Retry-After, X-RateLimit-Global, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Reset-After, X-RateLimit-Bucket, X-RateLimit-Scope, Date
access-control-allow-credentials
true
x-ratelimit-reset
1678549639
x-ratelimit-limit
5
cf-ray
7a64ef686cda1699-ARN
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision
3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
discord.com/api/webhooks/1083815969832579162/ Frame
0
0
Preflight
General
Full URL
https://discord.com/api/webhooks/1083815969832579162/3u5aU126pST1hilsGa8gteyJp_KBOCkfZjF8YPQ7UVAWm4bUuRbBueuenOy9KbSsfZTG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returnsouls.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Debug-Options, x-client-trace-id, If-None-Match, Range, X-RateLimit-Precision
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
access-control-allow-origin
https://returnsouls.com
allow
GET, PATCH, HEAD, POST, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a64ef674bfe1699-ARN
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 11 Mar 2023 15:47:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8b6UXD3ZHJFhNMXvhNsrPGWpkhyH%2FCEPb2R9X9at88JRnAgIR7WvJV%2FDsfJIWLnTgp%2BX7MSNdwQi353mLb67cvFCn8Sz5OCNNcgU2BrJIyjy%2BM7sGCjiUHaZRO%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
log_event
www.youtube.com/youtubei/v1/ Frame D92E
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/21246a91/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1678549638770
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/dq0oLaqUcQ8?autoplay=1&controls=0&disablekb=1&mute=1&loop
X-YouTube-Client-Version
1.20230305.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtidzFUSWdqdFBudyiExbKgBg%3D%3D
X-YouTube-Ad-Signals
dt=1678549636348&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C3420%2C641&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 11 Mar 2023 15:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 11 Mar 2023 15:47:18 GMT


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
object| Cli_Data
object| log_object
function| documentInitOneSignal
function| OneSignal
string| cli_cookiebar_settings
function| getIP
number| __oneSignalSdkLoadCount
object| _oneSignalInitOptions
function| __jp0
object| Sirv
object| CLI_Cookie
object| CLI
object| cliBlocker
string| CLI_ACCEPT_COOKIE_NAME
string| CLI_PREFERNCE_COOKIE
number| CLI_ACCEPT_COOKIE_EXPIRE
boolean| CLI_COOKIEBAR_AS_POPUP
object| icons
function| UIkit
function| Sharer
object| dataLayer
function| renderRecaptcha
object| awkward
object| bleed
function| splitText
object| Trunc
string| currentText
object| cli_chkbox_elm
string| cli_chkbox_data_id
string| cli_chkbox_data_id_trimmed
object| srcReplaceableElms

10 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 3VKHjfXoGV0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bw1TIgjtPnw
.onesignal.com/ Name: __cf_bm
Value: J2EpoinNO1g.Lcp3IgOK4BZPSWQgE6MVp4NCTQTB2lo-1678549636-0-Adn/p897EJ+p39cHOmySq+FLFPGUmmD0PPUwXVUnOIokH0RQFypkCsCx8kJXSjXYEjQ/uNp7UDQM0pdvG6BZ+HQ=
returnsouls.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
returnsouls.com/ Name: cookielawinfo-checkbox-functional
Value: no
returnsouls.com/ Name: cookielawinfo-checkbox-performance
Value: no
returnsouls.com/ Name: cookielawinfo-checkbox-analytics
Value: no
returnsouls.com/ Name: cookielawinfo-checkbox-advertisement
Value: no
returnsouls.com/ Name: cookielawinfo-checkbox-others
Value: no
.discordapp.net/ Name: __cfruid
Value: 779ad4a584df42ec7491bb7c3b747910ad4b3c78-1678549637

10 Console Messages

Source Level URL
Text
security warning URL: https://returnsouls.com/
Message:
Mixed Content: The page at 'https://returnsouls.com/' was loaded over HTTPS, but requested an insecure element 'http://canarytokens.com/0grfo6bh0wcepfnk01gmkw45n.jpg?l=https://returnsouls.com/&amp;r='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://returnsouls.com/media.discordapp.net/attachments/1045789633918808167/1045790343884443749/unknown.png?nometa&info=sirv_image_info_982313423_main&callback=image_info_733045' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045802183720964186/unknown.png?nometa&info=sirv_image_info_817416101_main&callback=image_info_5376146' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main&callback=image_info_2421711' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790159628668928/unknown.png?nometa&info=sirv_image_info_2567033446_main&callback=image_info_5402328' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790545739526144/unknown.png?nometa&info=sirv_image_info_3396487063_main&callback=image_info_6175784' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790188154138624/unknown.png?nometa&info=sirv_image_info_606065209_main&callback=image_info_8269130' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045789969983230022/unknown.png?nometa&info=sirv_image_info_291436091_main&callback=image_info_8845869' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790534846926959/unknown.png?nometa&info=sirv_image_info_1372417916_main&callback=image_info_2469627' because its MIME type ('image/png') is not executable.
security error URL: https://returnsouls.com/
Message:
Refused to execute script from 'https://media.discordapp.net/attachments/1045789633918808167/1045790517419573348/unknown.png?nometa&info=sirv_image_info_96441023_main&callback=image_info_5548331' because its MIME type ('image/png') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
