mariopartylegacy.com Open in urlscan Pro
104.152.168.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mariopartylegacy.com/
Effective URL:
https://mariopartylegacy.com/
Submission: On August 11 via manual (August 11th 2022, 10:01:46 am UTC) from AE — Scanned from CA

Summary HTTP 250 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 47 domains to perform 250 HTTP transactions. The main IP is 104.152.168.8, located in Canada and belongs to CROCWEB, CA. The main domain is mariopartylegacy.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.

This is the only time mariopartylegacy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 49	104.152.168.8 104.152.168.8	63068 (CROCWEB) (CROCWEB)
1	108.178.23.114 108.178.23.114	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
4	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
8	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2606:4700:10:... 2606:4700:10::6816:2e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:220... 2606:2800:220:13d:2176:94a:948:148e	15133 (EDGECAST) (EDGECAST)
11	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
1	13.226.39.113 13.226.39.113	16509 (AMAZON-02) (AMAZON-02)
2 8	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2606:2800:21f... 2606:2800:21f:5b71:3e29:d001:be46:4bcc	15133 (EDGECAST) (EDGECAST)
1	2600:9000:210... 2600:9000:210b:3000:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
28	2a04:4e42:46:... 2a04:4e42:46::159	54113 (FASTLY) (FASTLY)
4	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	35.209.198.18 35.209.198.18	15169 (GOOGLE) (GOOGLE)
2	63.251.86.51 63.251.86.51	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 7	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
8	35.175.46.39 35.175.46.39	14618 (AMAZON-AES) (AMAZON-AES)
2 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	195.244.31.11 195.244.31.11	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2602:803:c002... 2602:803:c002:200::116	26667 (RUBICONPR...) (RUBICONPROJECT)
14	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
2 3	44.208.243.83 44.208.243.83	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	23.105.12.161 23.105.12.161	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	54.154.21.36 54.154.21.36	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
6	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	173.223.56.228 173.223.56.228	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	54.225.94.43 54.225.94.43	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
2	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 4	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	198.24.170.50 198.24.170.50	19437 (SS-ASH) (SS-ASH)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	135.148.35.200 135.148.35.200	16276 (OVH) (OVH)
1	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	23.41.168.211 23.41.168.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
250	53

49 104.152.168.8 (Canada) 1 redirects

ASN63068 (CROCWEB, CA)
PTR: server08.hostwhitelabel.com

mariopartylegacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.178.23.114 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

free.xjs.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:220:13d:2176:94a:948:148e (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-113.ewr53.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:21f:5b71:3e29:d001:be46:4bcc (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:3000:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a04:4e42:46::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2001 (New York, United States)

ASN15169 (GOOGLE, US)

ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.209.198.18 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 18.198.209.35.bc.googleusercontent.com

pbs.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 145.40.89.200 (Ashburn, United States) 2 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.175.46.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-46-39.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

venatusmedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:200::116 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.208.243.83 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-243-83.compute-1.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2004 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.161 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.21.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-21-36.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.155 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80e::2001 (New York, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.228 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-228.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.94.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-94-43.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.166.1.10 (United States) 2 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of) 1 redirects

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.24.170.50 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.57 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.148.35.200 (United States) 2 redirects

ASN16276 (OVH, FR)
PTR: ns1015777.ip-135-148-35.us

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.211 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-211.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	mariopartylegacy.com 1 redirects mariopartylegacy.com	3 MB
37	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1333 abs.twimg.com — Cisco Umbrella Rank: 1721 pbs.twimg.com — Cisco Umbrella Rank: 650	478 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	141 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	243 KB
14	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 cdn.adnxs.com — Cisco Umbrella Rank: 1351 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1218 acdn.adnxs.com — Cisco Umbrella Rank: 584	76 KB
13	venatusmedia.com pbs.venatusmedia.com — Cisco Umbrella Rank: 38667 track.venatusmedia.com — Cisco Umbrella Rank: 29399	6 KB
11	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	232 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	217 KB
10	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	10 KB
8	360yield.com ice.360yield.com — Cisco Umbrella Rank: 1825 na-ice.360yield.com — Cisco Umbrella Rank: 5546 ad.360yield.com — Cisco Umbrella Rank: 649	4 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
7	a-mo.net 2 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1237	25 KB
5	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 pixel.rubiconproject.com — Cisco Umbrella Rank: 326	5 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 560 ssum.casalemedia.com — Cisco Umbrella Rank: 1365	4 KB
4	clean.gg i.clean.gg — Cisco Umbrella Rank: 1370	30 B
4	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 22977	317 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	gstatic.com fonts.gstatic.com	59 KB
3	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 931	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	56 KB
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1344	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	589 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2045	1 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 531	1 KB
2	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 4173
2	sonobi.com 2 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1010	1 KB
2	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1329	199 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	87 KB
2	openx.net venatusmedia-d.openx.net — Cisco Umbrella Rank: 34328	780 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2580	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 968	551 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1657	106 B
1	cpmstar.com 1 redirects server.cpmstar.com — Cisco Umbrella Rank: 5343	627 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	546 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	1 KB
1	toast.com 1 redirects cm-exchange.toast.com — Cisco Umbrella Rank: 5102	416 B
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2633	42 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1522	2 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4534	637 B
1	cloudfront.net d1oykxszdrgjgl.cloudfront.net	41 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1366 api.rlcdn.com Failed	35 KB
1	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 28126	741 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	41 KB
1	xjs.lol free.xjs.lol — Cisco Umbrella Rank: 288253	2 KB
250	47

	Domain	Requested by
49	mariopartylegacy.com	1 redirects mariopartylegacy.com
28	pbs.twimg.com
14	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net mariopartylegacy.com googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net mariopartylegacy.com
10	cdn.ampproject.org	d1oykxszdrgjgl.cloudfront.net
10	pbs.venatusmedia.com	hb.vntsm.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net googleads.g.doubleclick.net www.googletagservices.com
8	abs.twimg.com
8	ib.adnxs.com	2 redirects hb.vntsm.com acdn.adnxs.com
8	platform.twitter.com	mariopartylegacy.com platform.twitter.com
7	prebid.a-mo.net	2 redirects hb.vntsm.com
6	googleads.g.doubleclick.net	d1oykxszdrgjgl.cloudfront.net mariopartylegacy.com googleads.g.doubleclick.net
5	www.google.com	1 redirects d1oykxszdrgjgl.cloudfront.net mariopartylegacy.com googleads.g.doubleclick.net
4	gum.criteo.com	2 redirects d1oykxszdrgjgl.cloudfront.net
4	nym1-ib.adnxs.com	d1oykxszdrgjgl.cloudfront.net cdn.adnxs.com
4	fastlane.rubiconproject.com	hb.vntsm.com
4	ice.360yield.com	hb.vntsm.com
4	i.clean.gg	d1oykxszdrgjgl.cloudfront.net acdn.adnxs-simple.com
4	hb.vntsm.com	mariopartylegacy.com hb.vntsm.com
3	x.bidswitch.net	3 redirects
3	mug.criteo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	track.venatusmedia.com	hb.vntsm.com
3	cs.emxdgt.com	2 redirects hb.vntsm.com
3	bidder.criteo.com	hb.vntsm.com
3	htlb.casalemedia.com	hb.vntsm.com
3	adservice.google.com	d1oykxszdrgjgl.cloudfront.net
3	syndication.twitter.com	platform.twitter.com
2	static.criteo.net	hb.vntsm.com
2	ssum.casalemedia.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ad.360yield.com
2	ads.betweendigital.com	2 redirects
2	na-ice.360yield.com
2	bh.contextweb.com	2 redirects
2	cdn.connectad.io
2	sync.go.sonobi.com	2 redirects
2	rtb.gumgum.com	hb.vntsm.com
2	fonts.googleapis.com	d1oykxszdrgjgl.cloudfront.net
2	www.googletagservices.com	d1oykxszdrgjgl.cloudfront.net googleads.g.doubleclick.net
2	venatusmedia-d.openx.net	hb.vntsm.com
2	ap.lijit.com	hb.vntsm.com
2	script.4dex.io	hb.vntsm.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.mathtag.com
1	cm.adform.net
1	pixel.rubiconproject.com	1 redirects
1	server.cpmstar.com	1 redirects
1	match.adsrvr.org	hb.vntsm.com
1	id5-sync.com	hb.vntsm.com
1	cm-exchange.toast.com	1 redirects
1	acdn.adnxs.com	mariopartylegacy.com
1	cdn.adnxs.com	d1oykxszdrgjgl.cloudfront.net
1	acdn.adnxs-simple.com	d1oykxszdrgjgl.cloudfront.net
1	prg.smartadserver.com	hb.vntsm.com
1	hb-api.omnitagjs.com	hb.vntsm.com
1	ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	hb.vntsm.io	hb.vntsm.com
1	www.googletagmanager.com	mariopartylegacy.com
1	free.xjs.lol	mariopartylegacy.com
0	api.rlcdn.com Failed	hb.vntsm.com
250	66

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.youtube.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
mariopartylegacy.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
free.xjs.lol R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-08`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-07` - `2022-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.venatusmedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.a-mo.net R3	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.360yield.com Amazon	`2021-09-15` - `2022-10-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2022-04-15` - `2023-04-15`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://mariopartylegacy.com/
Frame ID: E89DE2E3718449EAA0A6D39EC4FE3E31
Requests: 76 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: 482EF8E567590DB76DFD7148087C8317
Requests: 60 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com
Frame ID: 73D9807171A4CC9F6C124A369192F8F9
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Frame ID: B27EA35015039C57D222494BCB65DADB
Requests: 2 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/27a1.png
Frame ID: ECEDDC172E2E896C1C34DB97F88894E4
Requests: 43 HTTP requests in this frame

Frame: https://ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2EB0E243B9F1C56920F8B1FB1266E595
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
Frame ID: 462C839F7CA2ABC534B9B8030B381906
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAD1CF87E981F4EE9B71280F02F19BF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC6BC59EC72D51C679BAEF56D5CECE71
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: B7560905F6DDBF3B4BE5937E474A1250
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW7Q24g0Prn6g2XGkdb5uu8iMiMcktGP4iVIxVsdValIqDpRDE4nyHVRVwnYLCGioGB7BsAyg3uQS0IkcZ7yZE_4olo-ldHt3fPxAAdWXyr13H3_Sz1dXoGuNkKyE_nK0tRwvDnnKON6vY56YHfQvYpTqc84HYileYcT2qwY4r7pIRFZxIowpl07otb12FlX16PrVoOA_BDYGwW3hBGe5_ZVqxHbf_OSU9c8nu54SSekweH-Jb43lg-SwGH2JDuKGwee0SRAqGCj0GHLE7wccemDF-DrtV_35x8b-VU1nDXgOJmCA8AVOvxzjt3Pp37h-dQryolijormou1Z0c5fcxTWOl7Nwtb7A&sai=AMfl-YT4q5xwH_HEHQW4n4PP0y3C2cCf35j8B4rXK1DXQVK2t2Ca4X5EBtXxiKTIDaY6SjICnNxlbIeKhWhCfNN0tje1e3rVdPFuNXILqG2kwG6dEp1bzhdQ6kDVXFcBLg4n&sig=Cg0ArKJSzFJsVpc1vE5rEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 22F69175CB26FE50D2949FB0F202A582
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: C019A58911E59C1F2B5A79F6639EFDC1
Requests: 16 HTTP requests in this frame

Frame: https://hb.vntsm.com/psa/vg_300x50.jpg
Frame ID: 5D458BE5BBD2F5FCB89A38B053055E85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 6603384DDC49729B68CB49879085FC8D
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=987524
Frame ID: 8D86C45DD2760A7589F545A52F0EA7FC
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Frame ID: 70592F7E6C7C2293F6CEDEA7BDFF5C76
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 7E5FD17F4FB1ECE9B567F12BD58CC140
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A6A8155F4CD96785983D5AF67034E571
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Frame ID: ED406DFC5618FA5C714FD0926EC008DC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Frame ID: AC81FCD2A3E4955AAE8948C0A1BCD18F
Requests: 1 HTTP requests in this frame

Frame: https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6937898801334461956brt54381660212099114682a1
Frame ID: 4274DA06DD50375DA87063188D8386E5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mariopartylegacy.com
Frame ID: 1151AEC63C60719CC82898610675C694
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mario Party Legacy - The ultimate Mario Party resource

Page URL History Show full URLs

http://mariopartylegacy.com/ HTTP 301
https://mariopartylegacy.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

250
Requests

94 %
HTTPS

37 %
IPv6

47
Domains

66
Subdomains

53
IPs

7
Countries

4975 kB
Transfer

8440 kB
Size

65
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/BQMuUpM
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mariopartylegacy
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCKc0OJoJ3cyJgTAMpSkG2FA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MarioPartyLegacy/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/MPLNetwork
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mariopartylegacy.com/ HTTP 301
https://mariopartylegacy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE

Request Chain 203

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462

Request Chain 227

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 232

https://cm-exchange.toast.com/bi/pixel?cm_mid=1908143852&toast_push&rest=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dnhnace%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 301
https://pbs.venatusmedia.com/setuid?bidder=nhnace&gdpr=0&uid=QN2HRHYIIRPV432EC6PI7V4XA

Request Chain 240

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$UIDbrt54381660212099114682a1 HTTP 302
https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6937898801334461956brt54381660212099114682a1

Request Chain 241

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%25%25VGUID%25%25 HTTP 302
https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205

Request Chain 242

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%25%25VGUID%25%25 HTTP 302
https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205

Request Chain 243

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462

Request Chain 245

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmariopartylegacy.com%2F&domain=mariopartylegacy.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=zAvfKXxrd0RqS0U0VTMxMm1ieGNkbnBTL3ZIaDVrRk5tUENNSVJMU1hGYkVveVZqSGRvLzROcy9FMmRGOTBlVnE2UUU3S25SWEZsQ2xScjY2OGY5cXU4VmlGMVpQNXpBaGFETlQ1UzZia3pXcGtxRmUrbkg5TUd2NlA3U3M0ZjlhQkowTFFsREY0cllKY09Ea3ZYYzdXYmc1Sk5MVzJsWWtmeW5JMW1nOEdqaGJUYkNVbXQwMW5rVW9mQ2VoUlhrb2ZRZDAvKzBPRUNIWjN6Ymp3SDNrZHkydUJqa3J3YTZIOFpYVEkzS1RHZysrbjVBSTk0aE83eDBkekdGc0ZtSzVwaG9yfA&cppv=2

Request Chain 249

https://server.cpmstar.com/usersync.aspx?publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=390&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match HTTP 302
https://na-ice.360yield.com/match?publisher_dsp_id=390&external_user_id=2-0qox_TpYzHmoQREvah0

Request Chain 250

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=4cc6924a-c7e3-53df-8d83-2fc0ef77fc46&ssp=improve&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5e9bf41d-aeb4-4dd9-8da4-ec18ec2daa04

Request Chain 251

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2ad90b69-9651-409e-86e0-ac8e4568fb8c HTTP 302
https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2ad90b69-9651-409e-86e0-ac8e4568fb8c&verify=true HTTP 302
https://prebid.a-mo.net/setuid/yahoo?uid=y-HzK0aVBE2uEVboceid6muD.3eu1xmxkiJv6fjoY-~A&gdpr=0&gdpr_consent=

Request Chain 252

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=L6OVF26A-1L-LOM1&gdpr=0&us_privacy=1---

Request Chain 253

https://gu.dyntrk.com/adx/id/us.php?dynk=i2mpr0vd1g7&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match HTTP 302
https://gu.dyntrk.com/adx/id/us.php?dynk=i2mpr0vd1g7&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match&prevuid=06030002_62f4d3864f44c&knw= HTTP 302
https://na-ice.360yield.com/match?publisher_dsp_id=370&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_call_type=redirect&external_user_id=06030002_62f4d3864f44c

Request Chain 254

https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%253D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%253D%26uid%3D&gdpr=1&gdpr_consent=&s=191503&us_privacy=1---&C=1 HTTP 302
https://prebid.a-mo.net/cchain/0/330?gdpr=0&gdpr_consent=&us_privacy=1---&A=2ad90b69-9651-409e-86e0-ac8e4568fb8c&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%3D&uid=YvTThjwJ8TF2cBsQFeD8LgAA%26467 HTTP 302
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%253D%26uid%3D%24UID

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ODBmYjc1ZjctODgyOC00ZTE2LWJlOGQtOWUwOGI0YzBmZjJk&dsp_callback=0 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEA3IlcXp_bKTLqnrzTnaIUw&google_cver=1

Request Chain 261

https://gum.criteo.com/sid/json?origin=publishertag&domain=mariopartylegacy.com&sn=ChromeSyncframe&so=3&topUrl=mariopartylegacy.com&bundle=ATRtOV9vNmFqY0tvOWZiRmJRUDlhciUyRm9ORGJqaG1xRjNxWFJMWjJieUF6R0luNWFzSThjQzJrMHVidG5pVVglMkIzczFvamUwcjVlZ0Z4RVRBZ0clMkY5aFJ5Zzg5JTJCb3h0aSUyQmRFJTJGYmNCY2t5RGNWUmFubkd5Q05RbzlpR000OFJ6dkpiaWlOZw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_u4w6HxGb2FsMVFrUnJIcUExOENKQXhCYklrZnZ6UVBHM2g1SzBhYlJCT0d5WDdZckRBa252ZHc2N2V5YURReE83eEl0TU9IcEJpUFZmazFlWE8vU3htTDZDMTN6dG93OElFQXVRSFMxYkkzN2tvQ2ZZNThndEpHbm9RdExkZE1KVllDS2wwb0FZNUI0SS9KaldoVXlZSXpsK2kvZ1hrNkEyV29wMER1b3FNY1k5RUhmd2VKamhTcFZycGpxYTFyMlgyK3lEYlpxTjZRNFl6dndkK0cvK055VS94MjFHM2IrWWQvUFpIQWp2QVA0OUdOaldUaUVGRkIxQjBDMUhhOUlQcjY3RnkwUkgvdHNTd0YwblBUaDNxU3JSZldSR3JvTnIxUXVSRElRNkpYN2dhOD18&cppv=2

250 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mariopartylegacy.com/
Redirect Chain

http://mariopartylegacy.com/
https://mariopartylegacy.com/

86 KB
15 KB

699ms
669ms

Document
text/html

104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 160f7cfb6f024be09a40b462ca0b3d04b1e5fa1adf0b18b323dfa20255b583fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:01:37 GMT
link: <https://mariopartylegacy.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
x-ua-compatible: IE=edge

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Thu, 11 Aug 2022 10:01:36 GMT
location: https://mariopartylegacy.com/
server: LiteSpeed

GET
H2 200 pub.min.js Show response
free.xjs.lol/js/ 3 KB
2 KB 109ms
31ms Script
application/javascript 108.178.23.114
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://free.xjs.lol/js/pub.min.js

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 12:11:29 GMT
server: nginx
etag: "614b1d71-60b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
content-length: 1547
expires: Fri, 12 Aug 2022 10:01:37 GMT

GET
H2 200 style.min.css
mariopartylegacy.com/wp-includes/css/dist/block-library/ 87 KB
11 KB 13ms
10ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 00:04:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10946
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 unsemantic-grid.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/ 12 KB
2 KB 14ms
11ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1655
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 style.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/ 21 KB
5 KB 14ms
12ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.1.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4860
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 mobile.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/ 4 KB
1005 B 22ms
20ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 972
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 font-icons.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
713 B 23ms
21ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 680
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 font-awesome.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/ 30 KB
6 KB 23ms
22ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-awesome.min.css?ver=4.7
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6556
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 featured-images.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
487 B 24ms
22ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=1.12.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 18:17:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 431
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 offside.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 6 KB
1 KB 24ms
23ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=1.12.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 18:17:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1392
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 icons.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/general/icons/ 273 B
172 B 25ms
23ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/gp-premium/general/icons/icons.min.css?ver=1.12.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: a84d93033cfb20c017fcdb465504883f68f8cddef078b205b04b0cd73f0d8405

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 18:17:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 140
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 navigation-branding.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
616 B 25ms
24ms Stylesheet
text/css 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=1.12.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 18:17:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 583
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 jquery.min.js Show response
mariopartylegacy.com/wp-includes/js/jquery/ 87 KB
30 KB 26ms
25ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 21:47:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 jquery-migrate.min.js Show response
mariopartylegacy.com/wp-includes/js/jquery/ 11 KB
4 KB 27ms
26ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 09 Dec 2020 23:16:15 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 100ms
51ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84394370-1

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

291a322a80d7dbf8b2f378b0ab01747f0ad26830e3033f7ef13cca6641e07941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41882
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 10:01:37 GMT

GET
H3 200 wp-emoji-release.min.js Show response
mariopartylegacy.com/wp-includes/js/ 18 KB
5 KB 15ms
12ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 00:38:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4619
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 cropped-mariopartylegacylogo.png
mariopartylegacy.com/wp-content/uploads/2019/12/ 90 KB
90 KB 16ms
12ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2019/12/cropped-mariopartylegacylogo.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: d297edda9cc0ac8d1ea9ae162e30430673ac07b4d8a536051b27ab2d96037c27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sat, 21 Dec 2019 10:16:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 92081
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartylegacythin.png
mariopartylegacy.com/wp-content/uploads/2021/02/ 26 KB
26 KB 39ms
35ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2021/02/mariopartylegacythin.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: c6f6d25594bb36ece49a086f833453906f388a3aec9a2e8568ba183807fc390b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sat, 06 Feb 2021 19:44:13 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26624
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty1.png
mariopartylegacy.com/wp-content/themes/icons/ 20 KB
20 KB 49ms
45ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty1.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 84e5902420c80249fae4e0c136ae1c78b9f977210e528d676a0cbd1f276a12e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20578
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty2.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 50ms
46ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty2.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 6624cfdb330a4273c33b550e5ae7440a7ef259e3c074b7b89bd27739bddfeb75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5103
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty3.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 50ms
46ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty3.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 4016e5c000f30547fe4c066aa2afad9f2ca5db3d6717b4d0990fecfd1a301507

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5269
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty4.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 50ms
46ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty4.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 095ce7913e543fa079a0e91c892304486f466f5d3c8ea49d50501a1d08ddd72d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5255
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty5.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 52ms
48ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty5.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: c0f68a9595fd8ff81f5a765be4da5aa5ce13cbbb8d5f40e25a270bd86978c35b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5288
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty6.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 52ms
49ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty6.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 61c34b945902ab85a4d8134bcbef2309558cef9b344777023e3acfac754ad430

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5177
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty7.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 53ms
50ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty7.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 5e939f7f2ddb20f90b0d03ff858ab310c3573e20abf16dd1f62609d0c06f9789

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5482
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty8.png
mariopartylegacy.com/wp-content/themes/icons/ 5 KB
5 KB 53ms
50ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty8.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 9755be0c168d11892adcf65aaa09cd3c671a262d4512e393bf542730a6a38aa8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5105
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty9.png
mariopartylegacy.com/wp-content/themes/icons/ 2 KB
2 KB 54ms
51ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty9.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 0edaf21554e0889aed8de9ec9e662e8247f3fad31fd795914a8822681bea1913

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2361
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 marioparty10.png
mariopartylegacy.com/wp-content/themes/icons/ 21 KB
21 KB 54ms
51ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/marioparty10.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: b884d92a693c2e1689e630dad72d23cb3775d4d9abc1c591f0a9439fa4b0d24f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21608
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartyadvance.png
mariopartylegacy.com/wp-content/themes/icons/ 7 KB
7 KB 56ms
53ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartyadvance.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 92f1c3973f0fdeed0f764028a1415b11372c3ce61d8c08bdcebde53d66f93cff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6662
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartyds.png
mariopartylegacy.com/wp-content/themes/icons/ 7 KB
7 KB 56ms
53ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartyds.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: ded6a344cab6b04f35d5974166b765ea329aa309368373d916658c000e2e1cef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:37 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6948
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartyislandtour.png
mariopartylegacy.com/wp-content/themes/icons/ 6 KB
6 KB 56ms
54ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartyislandtour.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: f74f09e9fd96d0445dcd5c4ebf50055bd5d782f5ad346174a7d4f389adca17c6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:37 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6192
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartystarrush.png
mariopartylegacy.com/wp-content/themes/icons/ 23 KB
23 KB 57ms
54ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartystarrush.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 04e335d4d6e4403b6be6ab4c8b75b2a59c060e00f8b36a2e8626b4de3ff3da3b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:37 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23064
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartytop.png
mariopartylegacy.com/wp-content/themes/icons/ 62 KB
62 KB 58ms
56ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartytop.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: fe4f915ffcb03078459bc08bceb07b6a3158278caa6f4a86c1a01aa229e05e7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:38 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 63245
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartysuper.png
mariopartylegacy.com/wp-content/themes/icons/ 7 KB
7 KB 60ms
57ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartysuper.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 4cb32ec64c172379f3b33674d6ad45d1c5bb38601e17b9ee43597ba17a5c5350

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 26 May 2020 18:18:37 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7636
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariopartysuperstars.png
mariopartylegacy.com/wp-content/themes/icons/ 6 KB
7 KB 22ms
20ms Image
image/png 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/themes/icons/mariopartysuperstars.png
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 5b32009d78e3905b5795e394e00cb3fb5afbb912622323c581bbb856dfb560d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 15 Jun 2021 18:03:15 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6616
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mario-kart-8-deluxe-booster-dlc-wave-2-thumbnail.jpg
mariopartylegacy.com/wp-content/uploads/2022/07/ 764 KB
764 KB 25ms
22ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/07/mario-kart-8-deluxe-booster-dlc-wave-2-thumbnail.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 8a68f733a4c556d63f4075e483fa51939f0a6de4675336226c1a15077ee92c71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Thu, 28 Jul 2022 16:13:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 782319
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame 482E 990 KB
297 KB 182ms
37ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: 12b0b58c95b4f68138c0e7bd8ef877fd58af5d204be750dbb975c3ad1cdb43f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
cdn-edgestorageid: 885
access-control-allow-origin: *
cdn-cachedat: 08/11/2022 09:54:43
cdn-pullzone: 131999
cdn-requestpullsuccess: True
server: BunnyCDN-NY-885
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified: Wed, 10 Aug 2022 13:29:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"af9ceaaee77795ac8b9b63e0985de614"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
cdn-cache: HIT
x-bl: 0
cache-control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 254ba78252d51742a2535c815b98d3f3
cdn-requestcountrycode: CA
cdn-status: 200
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl

GET
H3 200 headerback9.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/ 13 KB
13 KB 19ms
19ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback9.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 732e093b7af9eb20bbae0d854548911684db64a17d4b69f0e31b81a928adb359

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sat, 21 Dec 2019 10:38:59 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12975
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 headerback.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/ 109 KB
109 KB 59ms
58ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 7cd06ebcc99017e3dac76cf98fb6bb6e987be09d24173d6dd9859852e88f82b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sat, 21 Dec 2019 09:32:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 111579
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 headerback6.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/ 106 KB
106 KB 10ms
10ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback6.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 76be95cf10e2dc894e3960e5a50d616b9fd9b3a874fc0cfba65d43c3b94e83dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sat, 21 Dec 2019 10:39:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 108385
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 generatepress.woff2
mariopartylegacy.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
1 KB 13ms
13ms Font
font/woff2 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Origin: https://mariopartylegacy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1264
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide-2.jpg
mariopartylegacy.com/wp-content/uploads/2022/07/ 266 KB
266 KB 14ms
14ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/07/mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide-2.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 92b19b5113efbbaf8335fe55e8aff7d74a625a2964ff63f55593100e30bd3a0b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Wed, 20 Jul 2022 03:36:44 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 271897
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mario-kart-64-unlockables-guide-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/05/ 204 KB
204 KB 49ms
49ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/05/mario-kart-64-unlockables-guide-slide.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 906917064249257d133929d88cd256cc0f0a85bfebea2ffe13ee28e749dc2230

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Sun, 29 May 2022 10:01:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 208881
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/05/ 285 KB
285 KB 76ms
75ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/05/mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 5f0d0dc37da096042a77e53ce42fdcc6152a6e606f453ab038cedd7dc088ddb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 24 May 2022 21:38:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 292012
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 83ms
21ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D24) /
Resource Hash: 71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:37 GMT
Content-Encoding: gzip
Age: 955
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29203
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 21:01:21 GMT
Server: ECS (nyb/1D24)
Etag: "2db8c3ce16d9541818f0d180a9ea89b1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 offside.min.js Show response
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/js/ 6 KB
2 KB 16ms
12ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=1.12.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 18:17:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1919
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 jquery.cookie.min.js Show response
mariopartylegacy.com/wp-content/plugins/wplegalpages/admin/js/ 1 KB
666 B 17ms
13ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/wplegalpages/admin/js/jquery.cookie.min.js?ver=2.9.0
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 21:52:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 622
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 menu.min.js Show response
mariopartylegacy.com/wp-content/themes/generatepress/assets/js/ 7 KB
1 KB 17ms
13ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 06:37:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1509
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 wprt-script.js Show response
mariopartylegacy.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/ 173 B
216 B 17ms
11ms Script
application/javascript 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://mariopartylegacy.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Thu, 06 May 2021 20:41:08 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 173
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mario-golf-64-guide-walkthrough-cheats-secrets-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/04/ 196 KB
196 KB 24ms
22ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/04/mario-golf-64-guide-walkthrough-cheats-secrets-slide.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 63440413f9b013a54631b329d428a96694a8e82c1c67a5f924e29ade9ffc45e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Mon, 11 Apr 2022 21:38:55 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 200759
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariokartboosterslide.jpg
mariopartylegacy.com/wp-content/uploads/2022/02/ 244 KB
244 KB 26ms
24ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/02/mariokartboosterslide.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: d84628fdcbd80df1ec891a2d39af7837c748eaa2d7369fedd3e39cb902b04573

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 22 Feb 2022 20:35:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 249840
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H3 200 mariostrikersslide.jpg
mariopartylegacy.com/wp-content/uploads/2022/02/ 217 KB
218 KB 28ms
25ms Image
image/jpeg 104.152.168.8
CROCWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariopartylegacy.com/wp-content/uploads/2022/02/mariostrikersslide.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server08.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 0812fe1eca87b53058cf954b36e8b6c12fb15da281f92386acf6f0d800a2acbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:37 GMT
last-modified: Tue, 22 Feb 2022 20:32:30 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 222671
expires: Thu, 18 Aug 2022 10:01:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84394370-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5766
date: Thu, 11 Aug 2022 08:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 10:25:32 GMT

GET
H/1.1 200
OK widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html Show response
platform.twitter.com/widgets/ Frame 73D9 320 KB
104 KB 19ms
18ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 80477
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Aug 2022 10:01:38 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 73D9 513 B
520 B 127ms
41ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=60d65d4aebbd8233a8159021a8d4cbf6a9e13272

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

22ef4342b29ba9a78eed291312a4e0f398f649a0d08f563320882ff35b18d571

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 11 Aug 2022 10:01:37 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 10:01:38 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 05a38ff017fe0fe9e2d4096affd960ba6780c9972a9431ab2e9f4e88150a7ea7
content-length: 241

OPTIONS
H2 200 58e3a82446e0fb000143f01b.enc
hb.vntsm.com/v2/live/ Frame 0
0 110ms
36ms Preflight
application/octet-stream 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/58e3a82446e0fb000143f01b.enc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ref_url
Access-Control-Request-Method: GET
Origin: https://mariopartylegacy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-pullzone: 131999
cdn-requestcountrycode: CA
cdn-requestid: a8f2d10a7c23c86c4e6fe99f2e478b05
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type: application/octet-stream
date: Thu, 11 Aug 2022 10:01:38 GMT
server: BunnyCDN-NY-885
x-bl: 0

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame 482E 32 B
741 B 230ms
170ms Fetch
text/html 2606:4700:10::6816:2e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: MAEZCD8BB59Z2EJ8
content-length: 32
x-amz-id-2: GWAvMt1vcvmiTsEPs+iuMWDZfpCt9jectSfFoZl7U8tWnDolemYhRuVgMMq6IxjYwxQFa9TjfbI=
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, origin, Origin
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7390218df838714b-YUL

GET
H2 200 58e3a82446e0fb000143f01b.enc Show response
hb.vntsm.com/v2/live/ Frame 482E 29 KB
5 KB 167ms
167ms XHR
text/plain 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/58e3a82446e0fb000143f01b.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: e921680b363787cc6f8a38f1e9c47c7c61962501539df2b374fb3d356086d880

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
ref_url: aHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS8=

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: br
cdn-edgestorageid: 885
access-control-allow-origin: *
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cdn-cachedat: 08/11/2022 09:58:18
cdn-pullzone: 131999
server: BunnyCDN-NY-885
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified: Wed, 10 Aug 2022 10:06:13 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6ba443306e1c40962ad26cc2f2876ada"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
cdn-cache: HIT
x-bl: 0
cache-control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 22027188974d12b5fac47f5cbdaad723
access-control-allow-credentials: true
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 78ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1299232676&t=pageview&_s=1&dl=https%3A%2F%2Fmariopartylegacy.com%2F&ul=en-us&de=UTF-8&dt=Mario%20Party%20Legacy%20-%20The%20ultimate%20Mario%20Party%20resource&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1135514704&gjid=491064871&cid=962445684.1660212098&tid=UA-84394370-1&_gid=644113614.1660212098&_r=1&gtm=2ou880&z=1569641431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 18ms
18ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D24) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Content-Encoding: gzip
Age: 80476
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (nyb/1D24)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js Show response
platform.twitter.com/js/ 25 KB
8 KB 37ms
18ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: 5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Content-Encoding: gzip
Age: 80477
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 8086
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (nyb/1D23)
Etag: "de123dc04bbf19def7476a4c0045075f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.55e8262747461cf415fb59f1ac3ec11e.js Show response
platform.twitter.com/js/ 21 KB
7 KB 74ms
18ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55e8262747461cf415fb59f1ac3ec11e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D12) /
Resource Hash: 7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Content-Encoding: gzip
Age: 80476
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 6582
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (nyb/1D12)
Etag: "f99606e4608647fe92f8f2be88fe578f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html Show response
platform.twitter.com/widgets/ Frame B27E 40 KB
15 KB 24ms
18ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D24) /
Resource Hash: e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 80461
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15049
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Aug 2022 10:01:38 GMT
Etag: "4226f50dc1d4b20c6bd89627506eabf4+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:07 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D24)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
357 B 46ms
44ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22MPLNetwork%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1660212098266%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=60d65d4aebbd8233a8159021a8d4cbf6a9e13272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 10
pragma: no-cache
last-modified: Thu, 11 Aug 2022 10:01:38 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 05a38ff017fe0fe9e2d4096affd960ba6780c9972a9431ab2e9f4e88150a7ea7
x-transaction: 479fe4415bfe1cd8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B27E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 136 KB
9 KB 231ms
138ms Script
application/javascript 2606:2800:220:13d:2176:94a:948:148e
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_MPLNetwork_old&dnt=false&domain=mariopartylegacy.com&lang=en&screen_name=MPLNetwork&suppress_response_codes=true&t=1844680&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

f75e3c0f85562bcec2a5365aac78c458e8b1e6a4ec5803f4761d38fc9f901bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=121
content-length: 8443
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 99
last-modified: Thu, 11 Aug 2022 10:01:38 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 658dad2e54f8b45572f5bed64387022a69bc228797d504c6054373285631a58d
timing-allow-origin: *
x-transaction: aefb40e50929af4d
expires: Thu, 11 Aug 2022 10:06:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 116ms
53ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

sffe /

Resource Hash

df2de19eced8fe9f51e08c55c34b8abc0d9fb62689c1305bbf97e2571d61d80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28635
x-xss-protection: 0
server: sffe
etag: "1300 / 652 of 1000 / last-modified: 1660207324"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Aug 2022 10:01:38 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
35 KB 71ms
20ms Script
application/x-javascript 13.226.39.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-113.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:45:44 GMT
content-encoding: br
age: 29755
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via: 1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: EWR53-C2
content-type: application/x-javascript
x-amz-cf-id: li6lMTxrlGsh-_vO7Oecnh1ZTKl6ZzJtSHrL3n-WMreuJ0oF3Tb2AQ==

GET
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ Frame 482E 57 B
0 66ms
27ms Fetch
application/json 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:38 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1b8a6f9f-5e93-42b4-ba79-a5be25fd24bb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 57
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 27a1.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 363 B
531 B 90ms
24ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/27a1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/47E3) /

Resource Hash

d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 31022461
x-ton-expected-size: 363
x-cache: HIT
content-length: 363
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECAcc (nyb/47E3)
etag: "80IPnYtwZPbD8vd5/RBI8A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a7a6157b73de53b4f5f967289fa63cf5720cae4fc4354526b332b247c00e8a3b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f914.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 1 KB
1 KB 94ms
29ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f914.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/476A) /

Resource Hash

5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 440881
x-ton-expected-size: 1028
x-cache: HIT
content-length: 1028
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECAcc (nyb/476A)
etag: "X7St/AzVm+1oZjkmNZWNow=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c1722585a39f598c36954fcc5a9bd12c48950b8a30667e752339696193623133
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f440.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 1 KB
1 KB 92ms
27ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f440.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4783) /

Resource Hash

487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 5705195
x-ton-expected-size: 1024
x-cache: HIT
content-length: 1024
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:49:51 GMT
server: ECAcc (nyb/4783)
etag: "Edk5xK45DjvtJuiq8MRwOQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9f0adaf40728c3a34c3f1dadb82e6cd1df788598d93a7a0cc25d410defb37df0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f335.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 556 B
944 B 87ms
22ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f335.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/1D6E) /

Resource Hash

855735a62345bd8181c61f5cf427dd5ef9568b9d0d909d9168f2af835dd28e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 4016175
x-ton-expected-size: 556
x-cache: HIT
content-length: 556
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:29 GMT
server: ECAcc (nyb/1D6E)
etag: "evC22Ovx3NbrqaCGZDKO4Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 4561179f6739846d4df544d160c2e25ff3b18a004dacefafb1980604134c9b8a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f3a7.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 774 B
938 B 94ms
30ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3a7.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46D8) /

Resource Hash

96e389bc7e931917946bab3b7f6cb92a9949b7c13386c458f032b53602b0b69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 6139149
x-ton-expected-size: 774
x-cache: HIT
content-length: 774
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:12:44 GMT
server: ECAcc (nyb/46D8)
etag: "M8914t6j1Wz/j9CzYfwk2g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7585d7808f2b4e6a006d15ef0f07940e5bc38243f2f2e34281845421f506496b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f50a.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 655 B
822 B 92ms
28ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f50a.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4775) /

Resource Hash

55a389705b863e35578972d0a336c9cb65c962a5599314629159c47ba46ddcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 1498088
x-ton-expected-size: 655
x-cache: HIT
content-length: 655
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:25 GMT
server: ECAcc (nyb/4775)
etag: "9dkTSllwwiGg63GTJTGbew=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 21971c9c228be129309fa4dcf0e60423831a6d1fdbf77b38adc41938c2ac54c0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f3ce.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 886 B
1 KB 23ms
23ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3ce.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/4758) /

Resource Hash

4087bec4d792d53309236b3da78efb45affedf853147c99bfbfe2bb785c7326b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 2036764
x-ton-expected-size: 886
x-cache: HIT
content-length: 886
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECAcc (nyb/4758)
etag: "2Mp0/XgYanybJ8u7tZEq/w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 152fa83e25a8f42ee081daaf515f36aa7208fac4321a439ee7153d853dd2005b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H2 200 1f368.png
abs.twimg.com/emoji/v2/72x72/ Frame ECED 912 B
1 KB 24ms
23ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f368.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/1D54) /

Resource Hash

85e5961b6381291ee3f9e2928bd5c50e7db3636dcd3812ab6170cd0e06747f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
age: 1262430
x-ton-expected-size: 912
x-cache: HIT
content-length: 912
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:30 GMT
server: ECAcc (nyb/1D54)
etag: "MfCqvrst9+yEEw3O9jCPCA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ba17dc464f3494b37f69c4562e47c0148f55f7f8cf48d7ee2973fe835b88af7e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 11 Aug 2023 10:01:38 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame ECED 53 KB
12 KB 19ms
18ms Stylesheet
text/css 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Content-Encoding: gzip
Age: 80477
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:04 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 19ms
19ms Image
text/css 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Content-Encoding: gzip
Age: 80477
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:04 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 118 KB
41 KB 75ms
21ms Script
application/javascript 2600:9000:210b:3000:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:3000:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abd803fbe6320482e70ba6d23402ea69ac6acb7290bbe8256aeacde85dde5e66

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:54:59 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 06:04:45 GMT
server: AmazonS3
age: 400
etag: W/"79dab56bb424f6dc40515e1f30fa7096"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: diWrjIqkNweS-8t3FwkbKXc6022b6jxbKVMCj2CmjTf4iSJvXKrP6A==

GET
H3 200 pubads_impl_2022080801.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
131 KB 60ms
21ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

sffe /

Resource Hash

227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134395
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:39:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Aug 2023 08:14:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 111 B
112 B 78ms
39ms XHR
application/json 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mariopartylegacy.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

8292e076c85520d9770a2739a10f142c0471931cf0107d528626fa9bc998a0d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Thu, 11 Aug 2022 10:01:38 GMT

GET
H2 200 LPgLYQyP_normal.jpg
pbs.twimg.com/profile_images/1495969746138787840/ Frame ECED 2 KB
3 KB 79ms
18ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1495969746138787840/LPgLYQyP_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ec2fb171e1620562e36b696354c0aeb30f901ac6d5797a01b2301c8645de308

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 03:50:35 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 2339
x-served-by: cache-fty21342-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZq1T5MVsAA_7tc
pbs.twimg.com/media/ Frame ECED 14 KB
14 KB 79ms
19ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZq1T5MVsAA_7tc?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb6c4e6e6a7eefc0f3474ff67bb49b350d80eb652572d5315c6efb6fca99211b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 21:33:22 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 13935
x-served-by: cache-fty21353-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZrF614VUAAv3X-
pbs.twimg.com/tweet_video_thumb/ Frame ECED 30 KB
30 KB 110ms
51ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZrF614VUAAv3X-?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbc45e3be2565f4385e89a79915818b5e275acc444ae89fa3acbc9c53e77990f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 22:45:55 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 31112
x-served-by: cache-fty21333-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZZAUDSVUAErRkY
pbs.twimg.com/tweet_video_thumb/ Frame ECED 20 KB
20 KB 39ms
22ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZZAUDSVUAErRkY?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71cb0e6452376bbcd2d1b8c20cf508995e44d8fdd6ea5394604f4ccb4bc169ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 10:28:16 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 20568
x-served-by: cache-fty21334-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZdY2IBUYAEDlAy
pbs.twimg.com/tweet_video_thumb/ Frame ECED 34 KB
34 KB 56ms
40ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZdY2IBUYAEDlAy?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f437983f1cae20e921d0affac3a73d80d1ea8b92578f38144e06f50d42eb13d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sat, 06 Aug 2022 06:53:56 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 34631
x-served-by: cache-fty21332-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZV_CzLUEAAalsl
pbs.twimg.com/tweet_video_thumb/ Frame ECED 21 KB
21 KB 28ms
22ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZV_CzLUEAAalsl?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8594789a17e9bf0e37bcef8d25f4ac8f78d92ee5c2c630e1e22147f2eba83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 20:23:52 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 21781
x-served-by: cache-fty13725-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZTdg6qUEAECBYV
pbs.twimg.com/tweet_video_thumb/ Frame ECED 22 KB
22 KB 47ms
28ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZTdg6qUEAECBYV?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb6b06bb210b7da274a733722c2138fd72c508ab16837c0806c04fd576b40ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 08:38:08 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 22512
x-served-by: cache-fty21367-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FOD3W1hVgAAsz3p
pbs.twimg.com/tweet_video_thumb/ Frame ECED 16 KB
16 KB 50ms
33ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FOD3W1hVgAAsz3p?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

09c31a631cce7c0a5660a3c202a0bcb0f6e2a4e5aff9b533b68243839fad0d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 15:04:26 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 15985
x-served-by: cache-fty21332-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZKx5JqUYAAp-f-
pbs.twimg.com/tweet_video_thumb/ Frame ECED 17 KB
18 KB 58ms
42ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZKx5JqUYAAp-f-?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7cf5be6c1bc7fa991a24dd34dcbe8ea2fd1e6beffd703750ec728a58da32e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 02 Aug 2022 16:10:35 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 17805
x-served-by: cache-fty21348-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZI1kNTUUAETA6y
pbs.twimg.com/media/ Frame ECED 33 KB
34 KB 45ms
29ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZI1kNTUUAETA6y?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4229c13df78b26b4f3bc63f75538c7de6781496432695f852823fc4c00f32ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 02 Aug 2022 07:07:23 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 34207
x-served-by: cache-fty21337-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZGGIg6UYAA7V7a
pbs.twimg.com/tweet_video_thumb/ Frame ECED 9 KB
9 KB 43ms
26ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZGGIg6UYAA7V7a?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f139114bc9d6f02bac4f8db7962ebf7249d70cd72f7bc5516cc4bc3a0531c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 18:20:54 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 9165
x-served-by: cache-fty13724-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 uSLbjgg5TnVruyb1
pbs.twimg.com/ext_tw_video_thumb/1554175414964068353/pu/img/ Frame ECED 12 KB
12 KB 59ms
42ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1554175414964068353/pu/img/uSLbjgg5TnVruyb1?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44f8bc68db1f9274972b51b3283af08ff15be71bb41d448eaa9b4f9cee9acee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 18:39:08 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 12426
x-served-by: cache-fty21381-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 WVTp4M9F087pe_xN
pbs.twimg.com/ext_tw_video_thumb/1554174739781824512/pu/img/ Frame ECED 17 KB
17 KB 57ms
41ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1554174739781824512/pu/img/WVTp4M9F087pe_xN?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

627ee2509310793db792efd25325aa4ab2d6aee538cb0ab4f09e59713071c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 18:36:27 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 17278
x-served-by: cache-fty21333-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZBY0fzVQAA5IzY
pbs.twimg.com/tweet_video_thumb/ Frame ECED 5 KB
5 KB 48ms
32ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FZBY0fzVQAA5IzY?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

739292727f596929d88ff012ea27ffae6d90411d788068303bb9dee554b62f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 31 Jul 2022 20:24:27 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 4726
x-served-by: cache-fty21369-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FY_AqOuUsAAHl2C
pbs.twimg.com/tweet_video_thumb/ Frame ECED 27 KB
28 KB 60ms
44ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FY_AqOuUsAAHl2C?format=jpg&name=360x360

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c4388144313c54e5663e0b67d081b450dd51031a5cca8a2fbf11a1df0380663

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 31 Jul 2022 09:19:39 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 28082
x-served-by: cache-fty21360-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZyK-jWUUAAjLAc
pbs.twimg.com/media/ Frame ECED 16 KB
16 KB 54ms
38ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZyK-jWUUAAjLAc?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1775ff5d45b1e62abda94567eafe1a1c49665d16bde9145e7344a39bfd5abf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 07:45:22 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 16205
x-served-by: cache-fty13726-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZyK3YGUcAAXpi6
pbs.twimg.com/media/ Frame ECED 15 KB
15 KB 60ms
44ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZyK3YGUcAAXpi6?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

353161bc1a5a51ff9bb30407cfa29add8b95dcce2ff3725bc35169f3a3953069

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 07:44:52 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 15391
x-served-by: cache-fty21357-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZyK34oVUAAq2A8
pbs.twimg.com/media/ Frame ECED 13 KB
13 KB 61ms
44ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZyK34oVUAAq2A8?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7038f89b5a261a1e67bedb38ce7b0f87622dfe38b5eed91983e4e25992c167af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 07:44:55 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 12823
x-served-by: cache-fty21346-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZn-rAMUYAIq6p4
pbs.twimg.com/media/ Frame ECED 17 KB
17 KB 61ms
44ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZn-rAMUYAIq6p4?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff11a2ed40708f52065714c89793bb5fce23cb3d742922711f04379726122b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 08:15:24 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 17131
x-served-by: cache-fty21331-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZn-io8VsAEa5SU
pbs.twimg.com/media/ Frame ECED 19 KB
19 KB 61ms
44ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZn-io8VsAEa5SU?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2047061dc2b49a85098ff5ee1e3423422645b1e9c999f4c7f0fd3f26e363efd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 08:14:50 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 19022
x-served-by: cache-fty21367-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZn-jCxUUAEh9v5
pbs.twimg.com/media/ Frame ECED 15 KB
15 KB 60ms
43ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZn-jCxUUAEh9v5?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84c7080181f3fb52215b918a242e8234f22cb2591c8bc1c4be5d8324e18f5d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 08:14:51 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 15296
x-served-by: cache-fty21328-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZjN9zeVUAAoQ4B
pbs.twimg.com/media/ Frame ECED 9 KB
9 KB 71ms
54ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZjN9zeVUAAoQ4B?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1110ab9b45bb1a2db197f78779e4318e0354d5c60eae1662111ab71f449cdd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 07 Aug 2022 10:04:07 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 9173
x-served-by: cache-fty21333-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZjN22kUcAEikNm
pbs.twimg.com/media/ Frame ECED 8 KB
9 KB 65ms
48ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZjN22kUcAEikNm?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0136aad6c7311d404432d6a0ade2412a0c3ec17d37a0495ec5d811e2681e297

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 07 Aug 2022 10:03:39 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 8567
x-served-by: cache-fty21373-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZjN3nJUsAArscJ
pbs.twimg.com/media/ Frame ECED 7 KB
8 KB 67ms
50ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZjN3nJUsAArscJ?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52020354ae529af5b5b75613ac0f409ac978bdf73fdab032163ff58bbdc92bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 07 Aug 2022 10:03:42 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 7632
x-served-by: cache-fty21380-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZD51KdVEAAk8TI
pbs.twimg.com/media/ Frame ECED 15 KB
15 KB 67ms
51ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZD51KdVEAAk8TI?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b08db1943e625c7da2ec361aa24cb0e3d4bf4adaa0f715e8bde10732b11b360

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 08:07:55 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 14938
x-served-by: cache-fty21335-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZD5iU3VUAEJnke
pbs.twimg.com/media/ Frame ECED 17 KB
17 KB 65ms
49ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZD5iU3VUAEJnke?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d12b1b045cd56b5331058e7206493681cf4e4ba0cdfc8a9414f7b0f9cd8fe7ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 08:06:38 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 16992
x-served-by: cache-fty21323-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZD5i-3UIAAX7zb
pbs.twimg.com/media/ Frame ECED 14 KB
14 KB 64ms
48ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZD5i-3UIAAX7zb?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a96f14050e7aa247f75fa61e33a4920fd79744cb39929750a1ac7c9eff0c0e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 08:06:41 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 14189
x-served-by: cache-fty13722-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
H2 200 FZD5ji3VEAEHHwX
pbs.twimg.com/media/ Frame ECED 15 KB
15 KB 66ms
50ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZD5ji3VEAEHHwX?format=jpg&name=240x240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0801d8045c86660a7b29dcf4025273c8ad6dd45d89fd1ea13f608d074b13406f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 08:06:43 GMT
date: Thu, 11 Aug 2022 10:01:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 14948
x-served-by: cache-fty21333-FTY, cache-lga21937-LGA, cache-tw-ZZZ1

GET
DATA 200
OK truncated
/ Frame ECED 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ECED 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ECED 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ECED 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ECED 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ECED 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 51ms
27ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 57ms
27ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mariopartylegacy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 11 Aug 2022 10:01:38 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 45ms
45ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22MPLNetwork%22%2C%22widget_data_source%22%3A%22profile%3AMPLNetwork%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1660212098792%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=60d65d4aebbd8233a8159021a8d4cbf6a9e13272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 11
pragma: no-cache
last-modified: Thu, 11 Aug 2022 10:01:38 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 05a38ff017fe0fe9e2d4096affd960ba6780c9972a9431ab2e9f4e88150a7ea7
x-transaction: 092cf78c72750830
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 90ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mariopartylegacy.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 416ms
416ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455671446290315&correlator=344755132518290&eid=31068854%2C44768683&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=1&adks=1634366647&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.11%26hb_adid%3D58e3a83746e0fb000143f024-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D95c6416a-v6.6.0_fo%26pg_ld_id%3Dfdf97da29b0f89978d5a7ec08a3033dd%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D58e3a83746e0fb000143f024%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-10%252010%253A06%253A11%26ta_si%3D728x90%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26to_sp%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660212098826&lmt=1660212098&dlt=1660212097689&idt=1070&adxs=436&adys=306&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=4&ohw=1600&ga_vid=962445684.1660212098&ga_sid=1660212099&ga_hid=1299232676&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

4d3cf04ef7b532a3a693e8a401136c6690f774201d67d172acdd2674c6d83157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9437
x-xss-protection: 0
google-lineitem-id: 4753389744
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238778460
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 99ms
43ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60a141d86e1f1d9f5be1cdbfdfb2eec104bbc8b4596ca9ca884308986f112da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11075
x-xss-protection: 0

GET
H2 200 container.html Show response
ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2EB0 6 KB
4 KB 116ms
35ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 10:01:38 GMT
expires: Fri, 11 Aug 2023 10:01:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 482E 483 B
940 B 46ms
16ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248505
x-amz-request-id: tx86f8e995592547ee95ab9-00629f4bc7
x-amz-id-2: tx86f8e995592547ee95ab9-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrREle4m4RYgCxphYgm0HDMAr6XhtK12OWuaAvz37ity%2BCz6Rwk0TJAVqMEO5ck1222sYWwz3X0h8jGNK8r16xqVsGylhH5CR%2FJ93ItYjsKPpZS4nr9%2BS86J5zJpB6Vn5l77K0s2Eyr49JNd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73902192288f7145-YUL

POST
H2 200 cookie_sync Show response
pbs.venatusmedia.com/ Frame 482E 4 KB
922 B 137ms
41ms XHR
application/json 35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.venatusmedia.com/cookie_sync
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: 4c65483f42b44d20cec8adc80e9bffb52b8896c97e5a3225dafa17a80e15b372

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
pbs: nam
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 687
via: 1.1 google
expires: 0

POST
H2 200 auction Show response
pbs.venatusmedia.com/openrtb2/ Frame 482E 406 B
394 B 136ms
42ms XHR
application/json 35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.venatusmedia.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: 7aff58f15e92dee4a98d2250738afefebc6c80c0506538e7c8283e20e4d31e0d

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
pbs: nam
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
via: 1.1 google
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 482E 24 B
525 B 101ms
33ms XHR
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 6c7764b312c07d567830ddc6306df6a36efbcb395781b9ab7e8c421e9a579856

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 10:01:38 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mariopartylegacy.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 482E 258 B
1 KB 212ms
177ms XHR
application/json 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2af76dc22473bbf2a49ff3caa8cd3d96a9153196eb49c1680471ab77c9748757

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8e45114-a054-4ced-ac57-6910a9a311ca
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame 482E 459 B
843 B 255ms
197ms XHR
application/json 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 6225df10b0d2fee3e493d36aca6648a8fc5887715c5e5b8ce19aff674d94f767

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 175
content-length: 276

GET
H2 200 hb Show response
ice.360yield.com/ Frame 482E 99 B
518 B 183ms
75ms XHR
application/json 35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223961286ed3539f6%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22231562483eda7fa%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%22c485f262-3f50-4fd0-92d7-f42950531773%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 8db9a9301d5b212cfe7c0dd69589439c475aa7438169577ad0c5b9b9608e76f9

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ Frame 482E 98 B
518 B 180ms
73ms XHR
application/json 35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2240e94fac5d4c5d%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222415a870f41be2f%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%22e558f832-4009-4fd5-9e09-06a04947cbca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 2e5a3c6860e4f51565416c539d4e41c9f49fe7798665b26667b3c2f8d9b09afd

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 482E 37 B
645 B 122ms
73ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=171567&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22255a8fd2b48bd43%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22268955158ce5209%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x100%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222736afcbcaeaca7%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%7D%5D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3cd7998667673ac989c75a0c062513c34b091a0d3bd8b53b9770ae15f6875f1

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ypWzIFhjU%2FLg6HHQwckezginTK2pCT3Tve3Fpx6ZBrHu7w8T75YloThvEnxyp5TC444Jc64yWNULchoXaHFlEzxqEQe%2Fdg%2FgMUXJC5Z2nEM7xGK9sQ%2BjaT6ksYnoQpvqs%2FEp4KH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 739021928fd4a210-YYZ
expires: 0

GET
H2 200 arj Show response
venatusmedia-d.openx.net/w/1.0/ Frame 482E 173 B
593 B 182ms
114ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmariopartylegacy.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e558f832-4009-4fd5-9e09-06a04947cbca&nocache=1660212098899&pubcid=06bdc65a-7192-46c5-a7a6-10bfa919ad66&schain=1.0%2C1!venatus.com%2C58e3a82446e0fb000143f01b%2C1%2C%2C%2C&aus=300x250&divids=1003-58e3a84046e0fb000143f026-1&aucs=&auid=538731336
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e12d0fdc74504385b158eb92f60fbca2c83c596464e3196182baad52158c18aa

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://mariopartylegacy.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 482E 180 B
637 B 87ms
24ms XHR
application/json 195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmariopartylegacy.com%2F&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fmariopartylegacy.com%2F&PublisherDomain=https%3A%2F%2Fmariopartylegacy.com

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

46f826ce2e6f25a50e5126d4fd8864853c9509b2de9cd4ad2605f364888a31d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
content-length: 180
pragma: no-cache
server: ayl-lb-usa02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 482E 18 B
318 B 303ms
99ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=69157388629

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 482E 310 B
1 KB 100ms
28ms XHR
application/json 2602:803:c002:200::116
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=19&alt_size_ids=43%2C44%2C117&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=47221576-9c64-4479-9d42-19335bcb1241%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=c485f262-3f50-4fd0-92d7-f42950531773&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6830238679572442
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 185c0125cf9c057803cea7fb15e7a54fb1f96b6783ce07b369f699a05222e4e2

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:38 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 482E 283 B
1 KB 112ms
24ms XHR
application/json 2602:803:c002:200::116
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=15&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=47221576-9c64-4479-9d42-19335bcb1241%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=e558f832-4009-4fd5-9e09-06a04947cbca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12012791683242541
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c3bfdabdfd7ebc9372af709a28ca948d7afad8786ff7b0406bae97a15d3e7223

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 482E 72 KB
23 KB 67ms
44ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241707
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx018c9ad15ea74d8893432-00629f4bf5
x-amz-id-2: tx018c9ad15ea74d8893432-00629f4bf5
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpJkrQet1PZzwRF%2FsJzmvFG6CEAJ1TRbxyOpGa2s42WJy81OWShnapQeGgLncAlMNZFeGfOHAxXRWNNle6q23FrO8Qubs2SDT%2Fl8iK6MegolZbGUwAWo2QBIIwxB2IixvGrkLIH4NF%2FFVxvA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 739021926b1eecfa-YUL
access-control-allow-headers: Authorization

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
90ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 10:01:39 GMT

GET
H2

500

umcheck Show response
cs.emxdgt.com/ Frame 462C
Redirect Chain

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26ui...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db...
https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnM...

511 B
568 B

5643ms
5643ms

Document
text/html

44.208.243.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-243-83.compute-1.amazonaws.com
Software: /
Resource Hash: 8c3d3c6c0c12b0ebe7d355c3d337e9b5f2115bbfeb99fce7804e391a006cde54

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 511
content-type: text/html
date: Thu, 11 Aug 2022 10:01:44 GMT

Redirect headers

AN-X-Request-Uuid: 0958aa8a-b23a-42b8-8e22-5acbc1560ed6
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Aug 2022 10:01:39 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAD1 13 KB
5 KB 64ms
20ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 176458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 09:00:41 GMT
expires: Wed, 09 Aug 2023 09:00:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC6B 783 B
1 KB 85ms
40ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d725844de8c1de7aae652426ce2c75e3b9fe1509afb0ea6bd11b8bec0134372

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TDG35qSa6h5Ep9lkKG0e7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-TDG35qSa6h5Ep9lkKG0e7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 10:01:39 GMT
expires: Thu, 11 Aug 2022 10:01:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame DAD1 36 KB
14 KB 64ms
21ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:45:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC6B 0
0 61ms
39ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=1455671446290315&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 78ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mariopartylegacy.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 471ms
471ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455671446290315&correlator=3852477786497007&eid=31068854%2C44768683&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50%7C300x100%7C320x100&ifi=2&adks=1211667048&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D609525109ddea76a9b42dab2-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D95c6416a-v6.6.0_fo%26pg_ld_id%3Dfdf97da29b0f89978d5a7ec08a3033dd%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D609525109ddea76a9b42dab2%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-10%252010%253A06%253A11%26ta_si%3D300x50%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660212099225&lmt=1660212099&dlt=1660212097689&idt=1070&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=1600&ga_vid=962445684.1660212098&ga_sid=1660212099&ga_hid=1299232676&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

d631a865c8fe63f8afac3a28d2a09f5df7e1b4760253f570360320dca74327c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9317
x-xss-protection: 0
google-lineitem-id: 4753389588
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238778460
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 487ms
486ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455671446290315&correlator=3373730291714952&eid=31068854%2C44768683&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3997522798&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D58e3a84046e0fb000143f026-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3D95c6416a-v6.6.0_fo%26pg_ld_id%3Dfdf97da29b0f89978d5a7ec08a3033dd%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D58e3a84046e0fb000143f026%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-10%252010%253A06%253A11%26ta_si%3D300x250%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660212099228&lmt=1660212099&dlt=1660212097689&idt=1070&adxs=1100&adys=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=962445684.1660212098&ga_sid=1660212099&ga_hid=1299232676&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e68b554129be821a197ac1f5756b98ffe307e2cd0e497fec1f4bca74cd97e5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13006
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mariopartylegacy.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 auction Show response
pbs.venatusmedia.com/openrtb2/ Frame 482E 406 B
374 B 78ms
40ms XHR
application/json 35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.venatusmedia.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: d24863d9723a995f476ca0a71f78c46d54da68c77a3b8eaf952eefbb4036125f

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
pbs: nam
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
via: 1.1 google
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 482E 18 B
317 B 108ms
108ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=61799148327

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 482E 20 KB
13 KB 184ms
184ms XHR
application/json 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

50a851e128d4680cbfa1729eee45b9381a76c7e7ed17f1f0b21d96532d3f546e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 10:01:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c571b436-14dd-456c-ad27-8bca71a5ec4d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame 482E 23 KB
12 KB 170ms
169ms XHR
application/json 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 02d7ec61ba9ff1f911d41e5d3585e8e109d0614b69bba0e6b70484193dba93b3

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:38 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 146
content-length: 11664

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 482E 1007 B
2 KB 285ms
104ms XHR
application/json 23.105.12.161
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.161 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 0a2c2dc82b96627abaafb2527020c824af825987cb008f0ca3577e62b3e2883c

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ Frame 482E 36 B
609 B 72ms
51ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=171567&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22743358a176bd3d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227549b47f3285825%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%7D%5D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c04d0fe419546111d53047abf36448f1b9a917f1064ccd3dfd298321c998e6

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRi9B0UCik%2F4958vNjG4IplSf4mncSGpKCMXb7TTe8Rk%2FVUh43HDyKSsWGZBWnD8F9zUWQw%2FeKafgjtruBAARkJjKNYDmW1kRhCKUeR5re87y4OPHRBPSjhPSDyByhNodhd9DZL4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73902194df235419-YYZ
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 482E 302 B
763 B 32ms
32ms XHR
application/json 2602:803:c002:200::116
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=2&alt_size_ids=57&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=47221576-9c64-4479-9d42-19335bcb1241%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=9fac80de-a4c6-466e-b50a-7d6ea427cfa8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2296014354470921
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ca27a95318a6407c7e8bc20127db44112255ec1f91f5d65de1c0996d1444684f

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 302
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame 482E 1 KB
675 B 71ms
70ms XHR
application/json 35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2287c3c658ce6b258%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22807e454c310e74a%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%229fac80de-a4c6-466e-b50a-7d6ea427cfa8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 96377c5f6377c332cd969538a480e6cfa8cd748caa70c75d7dc36f3c8950f658

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 439
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 482E 24 B
525 B 42ms
42ms XHR
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 70d4a4de09fc33f3a7f12ab08eca8507d1af2d3a4f75164a502f86b3e5331959

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 10:01:39 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://mariopartylegacy.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H3 200 arj Show response
venatusmedia-d.openx.net/w/1.0/ Frame 482E 173 B
187 B 152ms
139ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmariopartylegacy.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9fac80de-a4c6-466e-b50a-7d6ea427cfa8%2C9fac80de-a4c6-466e-b50a-7d6ea427cfa8&nocache=1660212099306&pubcid=06bdc65a-7192-46c5-a7a6-10bfa919ad66&schain=1.0%2C1!venatus.com%2C58e3a82446e0fb000143f01b%2C1%2C%2C%2C&aus=728x90%2C970x250%7C728x90%2C970x250&divids=1000-58e3a83746e0fb000143f024-1%2C1000-58e3a83746e0fb000143f024-1&aucs=%2C&auid=538731338%2C538731339
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3a458b43ff12f80e48228c3616448c86cfa41f62d2afe7462a4b0cd452e1ec49

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://mariopartylegacy.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DAD1 0
9 B 19ms
19ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zDJi5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 auction Show response
pbs.venatusmedia.com/openrtb2/ Frame 482E 406 B
370 B 40ms
40ms XHR
application/json 35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.venatusmedia.com/openrtb2/auction
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: f0fe95e0d6ee31ba1808af274c8ce037baf1332129b7e616e79197fe0d3a899b

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-prebid: pbs-java/1.79.0
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
pbs: nam
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
via: 1.1 google
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 482E 302 B
763 B 30ms
30ms XHR
application/json 2602:803:c002:200::116
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=47221576-9c64-4479-9d42-19335bcb1241%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=20c50004-55f9-4366-9379-d019b5348339&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27259683286527103
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f5ac554b9752de5e06673b4735e078105d1a79eeddc04d1ec7ed66352d9ad9c5

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 302
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame 482E 23 KB
12 KB 189ms
189ms XHR
application/json 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: a5d86ddc85d9d24bc961831e13ee1287927ca22844500a5fa75c1b5752620a25

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 165
content-length: 12165

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 482E 18 B
317 B 100ms
99ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=32022904922

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ Frame 482E 38 B
578 B 45ms
45ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=171567&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22108e892a640fac72%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221090c10960ecbe9c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%7D%5D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec3c4da19909fbb537422ac0d5fec59a01c38d3e64fd533e11be7289b531501

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCHa6EAl0CK4Cl7b%2B0Co3fmckU%2B%2FsvN%2Ft3CIwiKDEDOxM%2BPd8WjbjIzbvRZWwtetOcduhRTwrHbHlK4VONvExwSxK2Y1CEVNXnCW4aWK0q%2B34VAKsYLDyEAoo2mp59yYnV8dF6uq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 739021952f665419-YYZ
expires: 0

GET
H2 200 hb Show response
ice.360yield.com/ Frame 482E 1 KB
692 B 107ms
107ms XHR
application/json 35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22114e4d5ade1cf8fe%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2247221576-9c64-4479-9d42-19335bcb1241%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211192638a48a3879%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%2220c50004-55f9-4366-9379-d019b5348339%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 411558f9a45b4b5ef2cbe8c2e3787b4dda0d1723483a4547f3984d8d0f0dc0b7

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 456
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 482E 16 KB
9 KB 236ms
202ms XHR
application/json 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ca0666c9ee95a2648d90b2316cc385c7888d89a30197c2c7f22535c76aa5e957

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 10:01:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5d256611-72aa-4872-b973-6af932848616
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 482E 16 B
168 B 316ms
96ms XHR
application/json 54.154.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.21.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-21-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame B756 118 KB
42 KB 191ms
10ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:39 GMT
Content-Encoding: gzip
Age: 18138
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 42145
X-Served-By: cache-lga21964-LGA, cache-yul12825-YUL
Access-Control-Allow-Origin: *
Last-Modified: Wed, 10 Aug 2022 13:16:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1660212100.825608,VS0,VE0
ETag: W/"62f3af90-1d8e8"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 12 Aug 2022 04:59:24 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 2197

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B756 0
20 B 81ms
79ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BQKjrdmpy9De330eP-OOj5zPAvfAeqN8IarI9lGwfvXLlBedxSh37MB_gflWfTpEuxTp3opqW32MSCasbeE355dX6mUg

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame B756 7 KB
4 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 10:17:13 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame B756 85 KB
29 KB 47ms
10ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:39 GMT
Content-Encoding: gzip
Age: 14518990
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21929-LGA, cache-yul12821-YUL
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1660212100.682771,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 3124187

GET
H/1.1 200
OK it
nym1-ib.adnxs.com/ Frame B756 0
817 B 57ms
18ms Image
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fmariopartylegacy.com%252F&e=wqT_3QKRBvBMEQMAAAMA1gAFAQiDp9OXBhCD-9TvpLX7q3QYhMyYqbjGl6RgKjYJd2fttgvNhT8RjDGwjuOHgj8ZAAAA4HoU-j8hjDGwjuOHgj8pd2cJJMgxAAAAQOF6lD8wgI2qBTimBkDlHkhlUKeiyyVY74NNYABohR14iPwFgAEBigEDVVNEkgEBBvBhmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCH-AC7pAB6gIdaHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHQJM3BwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ0eRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQnhOcWdGU3VUR2puY3JReHNFUmc0WFJ6Q21PNGRBM0VxdjdPdWUxOHlVS2FVX08zOXlKY3o1bVF5ZEgwa050Z3BCV2xULXZYTUNHanQ0OVE4T2hKeGVqdVdQTFEmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODM4MzQzMDU0NzA4MTYwODU3OSIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOdyS_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFmvSHpbfpm_cjwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFg85F-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0MDAxMDc2MzgwMLoHDwgAASlEIAAwADi0BEAAyAeI_AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=16e6df83afbae3992ee9dd03d32638031499e867

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6f7603c-91f7-4607-a020-96b26f29c93d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mariopartylegacy.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
13 KB 538ms
538ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1455671446290315&correlator=119777919485583&eid=31068854%2C44768683&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=4&adks=3875135371&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.03%26hb_adid%3D609524789ddea76a9b42daab-1004%26hb_iv%3D1%26sv%3D1%26re_ve%3D95c6416a-v6.6.0_fo%26pg_ld_id%3Dfdf97da29b0f89978d5a7ec08a3033dd%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D609524789ddea76a9b42daab%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-10%252010%253A06%253A11%26ta_si%3D728x90%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26st_ty%3Dhorb&eri=1&sc=1&cookie=ID%3D9b8c0cec42078464-224f39a5977c0012%3AT%3D1660212098%3AS%3DALNI_MYcdn_iyrVnVs4ktDig4bsedyI1WQ&gpic=UID%3D0000087985eeac41%3AT%3D1660212098%3ART%3D1660212098%3AS%3DALNI_MY1m8acs6_4YE178fL3c-7oB8JL9Q&abxe=1&dt=1660212099660&lmt=1660212099&dlt=1660212097689&idt=1070&adxs=436&adys=1156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=1600x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=962445684.1660212098&ga_sid=1660212099&ga_hid=1299232676&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

7d04c37b9569eb7e62bdfadfe28244411b048e8ef741949c7fd3f791d4e18d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mariopartylegacy.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 482E 16 B
167 B 97ms
97ms XHR
application/json 54.154.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.21.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-21-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 0
0 42ms
42ms Fetch
image/gif 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW7Q24g0Prn6g2XGkdb5uu8iMiMcktGP4iVIxVsdValIqDpRDE4nyHVRVwnYLCGioGB7BsAyg3uQS0IkcZ7yZE_4olo-ldHt3fPxAAdWXyr13H3_Sz1dXoGuNkKyE_nK0tRwvDnnKON6vY56YHfQvYpTqc84HYileYcT2qwY4r7pIRFZxIowpl07otb12FlX16PrVoOA_BDYGwW3hBGe5_ZVqxHbf_OSU9c8nu54SSekweH-Jb43lg-SwGH2JDuKGwee0SRAqGCj0GHLE7wccemDF-DrtV_35x8b-VU1nDXgOJmCA8AVOvxzjt3Pp37h-dQryolijormou1Z0c5fcxTWOl7Nwtb7A&sai=AMfl-YT4q5xwH_HEHQW4n4PP0y3C2cCf35j8B4rXK1DXQVK2t2Ca4X5EBtXxiKTIDaY6SjICnNxlbIeKhWhCfNN0tje1e3rVdPFuNXILqG2kwG6dEp1bzhdQ6kDVXFcBLg4n&sig=Cg0ArKJSzFJsVpc1vE5rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 10:01:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22F6 140 KB
44 KB 101ms
42ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 10:01:39 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame C019 220 KB
61 KB 91ms
20ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C019 14 KB
5 KB 124ms
54ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C019 94 KB
28 KB 126ms
56ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C019 5 KB
2 KB 134ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C019 40 KB
13 KB 135ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C019 4 KB
1 KB 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:01:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C019 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:15:20 GMT
x-content-type-options: nosniff
server: cafe
age: 6379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:15:20 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C019 295 B
319 B 21ms
20ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:15:20 GMT
x-content-type-options: nosniff
server: cafe
age: 6379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:15:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C019 0
0 84ms
38ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB88QdnWUZL_U2iPw2USHOHWeM9L3kScSak40YrCXoXhtQ4Z-OZ2U882ce8Lh8mgNSjh1ezCyW1jfDVZNhnDjiv9xk9w
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C019 0
0 46ms
45ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CM15Lg9P0YqbPEYaWnATzxI_ICqW1vclr-se9rMoQoN3Pv9EIEAEgg5vTaWDJluyKtKTYD6AByuXgvwLIAQmpAs5CWJrOdLQ-4AIAqAMByAMKqgSNAk_Q1qP5ydYmFki38Pt-ZtyWAX2PqdYAhch8ESdmUhXtXoVqE155sYNGqU2Cz7YXA-cKs3K1tJ5dIjaWvR9NCTQjQ4DsI9fL2pCMybnLQf5DI4FX6Szd-59kaqikIdLEWP8JB47ZQJ6TXS2yGrT8O_aUirWvJrGzrFbX3P9R8Lbv4j8XZAfxD0i7s8TBKGNzF3ivv622PI6rex_sL2nnti3y-Ahhd_50Z3gbQ3V5bC-Gk-nKVZkVCdgkKs1TYoDk1HcyFqer2MPGXf8lznNQNYD6TjNo5pUQFeTNGPm2zsboj-JJ4VqgcLgAixdBbXOOQjDYV1alEuOpdHMcey1VbqOJiSbnN-IPGp_kFA9TwASYi_ftkQTgBAGgBi6AB56an8ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzYMY0ggQCIhhEAEYHTIDioIBOgKAQPIIG2FkeC1zdWJzeW4tMTAwNDM1MjQ0NjE1MDExMIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=ozeCfNzrUz0&uach_m=[UACH]&template_id=5000
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s33-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2942371168104070488/ Frame C019 7 KB
7 KB 20ms
20ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2942371168104070488/downsize_200k_v1?w=400&h=209

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccef8870777e9e4b23cd586009492125f5ee592852fbb95ce9f7c511575cfdde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:53:26 GMT
x-content-type-options: nosniff
age: 162493
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6727
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 10:45:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 12:53:26 GMT

GET
DATA 200
OK truncated
/ Frame C019 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C019 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db0044f180f21209bbf7f729894af77ab70acef154028b16cb1972a388bdfb93

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vg_300x50.jpg
hb.vntsm.com/psa/ Frame 5D45 14 KB
15 KB 38ms
37ms Image
image/jpeg 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.vntsm.com/psa/vg_300x50.jpg
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: fc5b5131523cba943cce9651db751d032f38b9fc629cd3e5044dae0d9d5c5de5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
cdn-edgestorageid: 885
cdn-cachedat: 08/11/2022 09:55:24
cdn-pullzone: 131999
cdn-requestpullsuccess: True
content-length: 14530
server: BunnyCDN-NY-885
last-modified: Thu, 02 Nov 2017 09:52:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "b6ad5081f5e9a579ec2aab3b541738a6"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
cdn-cache: HIT
x-bl: 0
cache-control: public, max-age=86400
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid: 9f00f79b04d5cf9150122a6597dd7fe1
cdn-requestcountrycode: CA
accept-ranges: bytes
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 27ms
26ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mariopartylegacy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 11 Aug 2022 10:01:39 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame B756 0
15 B 28ms
28ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 10:01:39 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 6603 13 KB
5 KB 62ms
21ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 62566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 16:38:53 GMT
etag: 12223946614886178233
expires: Thu, 11 Aug 2022 16:38:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8D86 52 KB
17 KB 86ms
20ms Document
text/html 173.223.56.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=987524
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.223.56.228 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-228.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 11 Aug 2022 10:01:39 GMT
ETag: "623de86a-cf34"
Expires: Fri, 12 Aug 2022 10:01:41 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
nym1-ib.adnxs.com/ Frame B756 0
817 B 18ms
18ms Script
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmariopartylegacy.com%2F&e=wqT_3QKNMPBMDRgAAAMA1gAFAQiDp9OXBhCD-9TvpLX7q3QYhMyYqbjGl6RgKjYJd2fttgvNhT8RjDGwjuOHgj8ZAAAA4HoU-j8hjDGwjuOHgj8pd2cJJMgxAAAAQOF6lD8wgI2qBTimBkDlHkhlUKeiyyVY74NNYABohR14iPwFgAEBigEDVVNEkgEBBvBYmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCH-AC7pAB6gIdaHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS_yAgwKBkhFSUdIVBICOTABD_DtBVdJRFRIEgM3MjjyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTY4OTEzMTAzN_ICvxUKC1BSRV9TQ1JJUFRTEq8VPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmOy8qCgogU1BEWC1MaWNlbnNlLUlkZW50aV49AGRrPUFycmF5LnByb3RvdHlwZS5pbmRleE9mPxW6LGEsYyl7cmV0dXJuIFotABAuY2FsbAEpJCx2b2lkIDApfTo2PwA0aWYoInN0cmluZyI9PT0BaBBvZiBhKQlWERoAIRUaSGN8fDEhPWMubGVuZ3RoPy0xOmERmFAoYywwKTtmb3IodmFyIGQ9MDtkPGENKVw7ZCsrKWlmKGQgaW4gYSYmYVtkXT09PWMNaAggZDsJcQwtMX07EaA4IGwoYSl7bFsiICJdKGEpDSIIIGF9CRMAPREoCCgpex01AG4BNQRhPQnuOD09PWE_ZG9jdW1lbnQ6YRVDJC5jcmVhdGVFbGUBGRgoImltZyIpHUUAcCUycGQpe2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoWhoAED1bXSk7IQAUYj1uKGEuEXwEKTsB_QQpewEaAGUuugAZFwRmPVpTADwsZz1rKGYsYik7MDw9ZyYmPuoBFHNwbGljZSnpdGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJlIXADQoImxvYWQiLGUsITEpO1IjAGI6ABBlcnJvcg07GH07Yi5hZGRCcwA-FAA-cAA-IAABbT4UAAAoNmoAHGIuc3JjPWM7WjEBGC5wdXNoKGIu0QEEcSgpfARhPTGSIC5jdXJyZW50U4UPTRoAKDI5AixudWxsOmEpJiYiNzdhHWxhLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6FVc8cXVlcnlTZWxlY3RvcignWw0lAD0BRAxdJyl9RR3wUnI9UmVnRXhwKCJeaHR0cHM_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7CmZ1bmN0aW9uIHQoEeAAaAVhDGM9W10FCQRkPQHGDDtkb3tBexhiPWE7dHJ5BQwAZUGTGGU9ISFiJiYBJBwhPWIubG9jYaEUIC5ocmVmKWI6ewEtkGwoYi5mb28pO2U9ITA7YnJlYWsgYn1jYXRjaChtKXt9ZT0hMX0BXghmPWUZFwBmARYMaWYoZgmZAGc-XgAMO2Q9YnUfIfQ1QiRyZWZlcnJlcnx8AZckfWVsc2UgZz1kLA3LAGMp3zBuZXcgdShnfHwiIikpBdUUYT1iLnBhIdQZhgBhBf9MfX13aGlsZShhJiZiIT1hKTtiPTCFqQBhlcp0LTE7Yjw9YTsrK2IpY1tiXS5kZXB0aD1hLWI7Yj1oISs5HgGuNSo4YW5jZXN0b3JPcmlnaW5zbhwArQwAPR11ACmhLxRhPTE7YTyxVEw7KythKWc9Y1thXSxnLnVybHx8KAUILkIBOnYAFFthLQoxXSEMGCxnLmg9ITAB4ykiAGgZqyHVZeUAZyUWJQIEZD0yBAEcMDw9ZDstLWShrEhmPWNbZF0sIWcmJnIudGVzdChmAY8gKSYmKGc9ZiksBQ4sJiYhZi5oKXtiPWY7RRsAfQ1dAGQV5gQmJgHMATsEOzBBZSVaCCYmZAVIARsIKTtjBa0QdihiLGe16BRjLmc_Yy4F-gw6Yy5pAUAAfbHzBCB2oaEcKXt0aGlzLmlB1QEJCGc9YxkiAHUdIgh1cmwRJBRoPSEhYzsFLwWIJQq9-gB3lSkUdCgpLGM92d48Ij8iKTtzZXRUaW1lb3V0KBGMDTEAZNlzGGQ_LjAxOmRBNUQhKE1hdGgucmFuZG9tKCk-ZClpDwxiPXEoIaQAImX_NDovLyIrKGImJiJ0cnVlgWsAYlZrBDgtcmNkIik_InBhZ2VhZDLNnRBzeW5kaWm5IC1jbi5jb20iOmYjAAUgDCkrIi8JRXgvZ2VuXzIwND9pZD1qY2EmamM9NzcmdmVyc2lvbj0ihUUMZT0oZQGxDCkmJmVamQANMTAiKXx8InVua25vd24iYeNcK2UrIiZzYW1wbGU9IitkO2I9d2luZG93BVgAZjk0FGY_ITE6ZiEzNGU9Yi5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZT0vQ2hyb21lL0mbIGUpJiYhL0VkZxkRHD8hMDohMTtlYZMVUTAuc2VuZEJlYWNvbj8KHWkdGCQoZCk6cChiLGQsIkUICZ4IKX19DuIIFqoIKCAwPD1jP2Euc3ViFj8JHCgwLGMpOmF9CeAMLnJmbC7oBw01aGVuY29kZVVSSUNvbXBvbmVudCh3KCkpfTt9KenBQZoUKTsKPC9zxZhkPvICyQIKCkVYVFJBX1RBR1MSugI8ZGl2IHMORQsUPSJwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUJRS2pyZG1weTlEZTMzMGVQLU9PajV6UEF2ZkFlcU44SWFySTlsR3dmdlhMbEJlZHhTaDM3TUJfZ2ZsV2ZUcEV1eFRwM29wcVczMk1TQ2FzYmVFMzU1ZFg2bVVnIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKZAQoMUE9TVF9TQ1JJUFRTEogBPHMlajYIARb2CVBhZHMuZy5kb3VibGVjbGljay5uZXQxBjx4YmZlX2JhY2tmaWxsLmpzAWUttQ1TAD6dJCAge3IzcHgoJzYenAwcJyk7fSkoKTs96hCMEQoQSAGdNFBPUlRfUEFSQU1TEvcQkSOKlADwbWFkZmV0Y2g_YWRrPTQwODMxMzY1MzEmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTcyOHg5MF9hcyZpcD0xNDkuNTYuMTUzLjE4OSZvdXRwdXQ9Dn0NICZ1bnZpZXdlZA6XDUWLIF9zdGFydD0xJqF2EbwEbWFK-w0QJnN1Yl8NjgBiQZT0VQNyLTI4ODQ1MzQmaGw9ZW4mYWNlaWQ9TUhVWHRBRDhHN1FBLVZVMEFVWmJOQUVPYURRQmxIQTBBUkIxTkFHb2RUUUJ3SFUwQVExNE5BR2JlRFFCSVhrMEFXVjZOQUgwZWpRQm5IczBBYng3TkFIcGV6UUI3SHMwQVJ4OE5BRXRmRFFCTG53MEFVVjhOQUZSZkRRQlczdzBBVjU4TkFGZmZEUUJZWHcwQVc1OE5BRjZmRFFCZlh3MEFZRjhOQUdDZkRRQmhYdzBBWTk4TkFHZWZEUUJyM3cwQWJSOE5BRzFmRFFCdDN3MEFiOThOQUZMYzBFQlUzTkJBZndRMmdGZ0hGd0NraDVjQWhfNmlBS2ZRS29DSjBLcUFpaENxZ0lwUXFvQzJVYXFBaUJhcWdMOWVLb0MySTZxQW8tVHFnSkZscW9DWDV1cUFvQ2JxZ0tCbTZvQ2dwdXFBcUtvcWdLNHNLb0N6TWVxQXYzTXFnSncwcW9DZGRxcUFsWGVxZ0tnNWFvQ1ZQQ3FBc0R4cWdJNThxb0NpX1NxQXFUMHFnS3Y5S29DUFBXcUFsejRxZ0twLXFvQ3dQcXFBaWI3cWdKQy02b0N4X3VxQXFMX3FnSWdBNnNDOXdXckFrWUlxd0p1Q2FzQ2pRbXJBZ1FLcXdLN0RLc0M3dzJyQXJNUXF3Sm1FcXNDc1JLckFrNFVxd0xYRktzQ0hoV3JBc29XcXdLRUY2c0N1Qm1yQWljYXF3S1pHNnNDcXh1ckFnOGNxd0xoSEtzQ25SMnJBZ3NlcXdLQ0hxc0M1eDZyQWxJZnF3S1BJS3NDd2lDckFzWWdxd0xSSUtzQ0R5R3JBa2tocXdKYUlhc0MzeUdyQW9naXF3S2JJcXNDUENPckFrRWpxd0xuSTZzQ29DU3JBdGNrcXdJU0pxc0NuU2FyQWtzbnF3TEQyS0VPQllWaUVBT3MteElyclBzU0k2MzdFajIxLXhKVnl2c1NSOV83RW52ay14Sk82dnNTd1BmN0VzdjgteEw1X1BzU1ZfNzdFbUgtLXhLT19fc1NrUUQ4RXYwQV9CTHlXOUFUWE5PV0dmaFdheHFadlA4amY4dTFMckdTUVRrJmV4az02ODkxMzEwMzcmYXdiaWRfYz1BS6WU8LBrZ0lJbkdaQ291alRKdGx5LVZidFhLaU1WcU0zWFgtS2h3SnpxeVJYMzhPeV9KT2pCSFBzWkVRZS1mcy02V0NadlhOTVA2YTlNdTZBRUd4c3F3b0dEZV81em5NR3RCcEluM3NDRGNpb3lNbDcxcWczd2N5QVpMZXF1MXhGTUxKZVpQNENtZXp3UUstLVJnMUlZelhpN2dScW44MzJKc1RicGdDNXpQcTcxX3UwMTJTQSbJVABkzVT0EgVENDQzdkt1RmttdFVJb05yajlCeS14bDU4cF9KMkp3WWtaSGUyNlpnU1l2STYyNHJyRnZEODB1clRJMlJFZ25TR0Y3TW9aT3JxVS1oc0JIcWFBemM3SE1PQzRIY0tDMGtwZzVGTWpWY3JuVTlGRS1DUjVXSkVZYVcyT0c3SlZHSjFJYzJKTTRKTHRZRjdGWHZhVXU5dnNicHpzNTJ3dWp5VkRHbVJkY3BRZVhrTzB1Y0tTRGN0T3gxai1iVW41VHBLVDhhVTVDU0ZZRWNlZU9Gdmc4OVRJOG9LMHdRamZ6TXgycnVLMDB1R0xENDRKMGltdjlkOURJeEM0NHBOMGJObHFlTGQyY1pTb3loend2NGxORF94ajRIc1VrbmotNDRNSTVTQWwxU1JEdDgxUGtWM3pLNS12dDhBNEdmV2k2MkRVYkdfNkU4bU5oY0sxXzVZQnJHSEN1aHFxVXl6bEc0a2hCUjFqQ0NlNlAwWjNYNF9fakdiakJEQnZaeDNTVHpKVnozaFRmRE9ERUxocVJ2Vy1rOFVrdU5wNjBRQ1JURERjem8yOU5Wd24xSEtFdXhaTjJBOHdDcjVOX3BlOFdfeVN0R3hiVUtXWUlxa1gxM2xfc2VxQjlyaFVzTFdxeDZCTElZVUxqQ2JlWHpqb2d2U0NxVE1yVlIxZ3pkcko3TFV5Qm1TQUdDRUtfVWF6Q1ZsSU5XS0oyeWZmU1hOdDBYTDQwS2lIUUJrWTNNUExub3pqdXhhaXcwVmVsZHdmdnJqWUtTRjVZUjlfMW15cUhMaHdER1puMTF1ZWVuVGx5Wk1kZzRSNzMyaFR0UlFEc3FZazU1a25CS0tyendFUGxLOGt5djZkS3NvMngzczYtY2xNTXNLTFdIejJYeUlFaGxPX0ZKUzhmaFRUcFdsX3ZvR21JUFdDdjNKQmlGNEJiVGlUZllaYV9pWlNaam1HZnlGM2R5MHdBR1NDYTF4eDllcGxpa2stSE5EZGtGY2VPN1FUR040bnB3bXNHYmZmbml5OFNVb1R1UGtPNWk5N0I3Vy1rVno5WkpLck1KdFVCajA4ZTdEQkxxU240VWJhdFhBRFBVMThkbFNlMFFhdERDcFBBeW0xX0VZcU5tQkx2cDJQUVBJQTNKSzdoQSZjaWQ9Q0FBU0JPUm9aMkUmYV9jaWQ9gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDnckv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTg5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKeiyyWIBQGYBQCgBZr0h6W36Zv3I8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHqBQ0KCGluLWZvY3VzEgEx6gUQCgtpcy12aWV3YWJsZRIBMeoFBwoCaHASATHqBQwKB2luLXZpZXcSATHqBQ8KCmxvb3AtaW5kZXgSATHwBYPORfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDAwMTA3NjM4MDC6Bw8IABAAGAAgADAAOLQEQADIB4j8BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEACVCAAAgD-YCAE.&s=99dc147034906953fc7e35ff304b87fef5532105&bdref=https%3A%2F%2Fmariopartylegacy.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fmariopartylegacy.com%2F,https%3A%2F%2Fmariopartylegacy.com%2F&

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0c817388-b290-49f7-b2cf-584fe6dadf62
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C019 16 KB
16 KB 66ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mariopartylegacy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:32:09 GMT
x-content-type-options: nosniff
age: 52170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:32:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C019 15 KB
15 KB 68ms
26ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mariopartylegacy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 51950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:35:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 0
0 42ms
42ms Fetch
image/gif 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxlAE-hVafYmLIqqWk1e0mqeMnZ-JGhPLsdO1YzfIQGPKagJPWjz3WiZR7fcJNsiqjrXwrzJYadOXqegij-MwUyPGf8ZhOGpZUNqKXcCX6Y7q6UDej1-o0jBb_K7vi0zVysAVoroSIISHBckVZlvVLvR1fdBge2Na1TKCS88wUELGmDg15V2LtAnRz5gyHs1UrUYvxG8IT-6X3iOfVU7p_mbdxwrMEXRLeTRtePTJ8aTP0QUXE23Jfz3d75DN7nQVsxQ6E4qDMmJd5os1mY-Jihoc0m6W4i2-8lCYWWxRfIIQXtEngPFXoPkZMaR7N5Wk_pSd1NxtPQlHvlaqhZ9D368JT5qp6lzwFEg&sai=AMfl-YSy44qRmCKZ3p8-e7Av6-u9F93MYPnSM3x03cmPaD-4kM-lYXF2NgVLwfNSlCHLXF1eCAX0gmi85_4kTWRHqNY62WT5QJ7nGqq9OQi9t9gxiXF_O1EMHKG1TI4SbEAg&sig=Cg0ArKJSzPmYpayH7wcJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 10:01:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 10:01:39 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame 482E 16 B
167 B 98ms
96ms XHR
application/json 54.154.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.21.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-21-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://mariopartylegacy.com
date: Thu, 11 Aug 2022 10:01:39 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=1455671446290315&bg=!6eql6q7NAAa4hXTbmIU7ACkAdvg8WqyKccSu6XXjTRt-ZmdmNT4760NWlCkYeIRAlQKtOVlCkt_3_wIAAABqUgAAAAFoAQeZAuG-cI809dcPDasEO-ZrT3ei62SrzUCAcu8A-gNnKjnZMIkV6tGkDnxEbGdTQiSDY1vb-xip68eItnOD3rq_jVAZic9rCr7wtuqRfENxVqDQJdDkHqW3A9gGEchRkLFuLxq7-2ONg0y1AHulTcASfmrG95rPuEepDzrhu8X6ZEfFGsuyHWhfLVXiJnjQFXM7oEhy1wEu16IVxDOAKGflanVfZkHDOQAykWSnqOVy9d3wi5_GKynTFHlQ2HUwoBF_aQRJ5PURnqp-GQ_yLhVB56YVRPykwbPkSs505ZNhvzKUIAbj9WVL9-hPLxwSH2S4wNnrD64ouq4pvVezNWyp0b_68LavQivlevlEkks1-tE6r5G7xLbLG172ILu5Uo4CiHV-UNMMPs5mlWsOm-0corebZjGt6AWg8TkfAjsiDoKHqKkMEWxNb8Az_iAqinIi2C_EZnnreSinfFXmAGG9bc-AvKBLI9lCWzoBB-jVu8Jgu7hZoDFtQ6m9Lw0AB4HLky5dGsYpE0Y0MGIbP6-OENxv11qDaPV-TKyfY6w9v-_aPr-3TnF7wJhyJjsOpWycsAMz0nEgafG2_YYMP7nWyLoaS8mNcRRxDy5mpb0Idx7EInrQESnebS42AfTHOOxTpX_ulaeFc_YrZFUGPAIy4O1Qd1-WK7Ih3Ql5Y8twAH9GfEAj5_c6WdXqlMU9PYXSJ-NZ5zH3C_RmRWGodY-0puBm1y8EXvyRzOa1xT6j2UEnj6mCWoWDhx29zRjNaC3meIjTkGpWDjQA622o_xD8N4o5ae8N-TBjSih-jdxTdifL-TqxlnogKLEwfS5hTeMSrmGnoKLmx0z6nEgeTETJnol4yLp2WC6jtBKxoqjNQbhPcdZ9YYUnzi0AUHJUFKFkdKqvE5DLK2lJNNF_-uy0QuLYiukPxAbAHekKi6noK5VO5EGRdZ9PSq-WkRNHvw1GwVHoRF9GB0sF0uYIIIv9ZQR28A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
nym1-ib.adnxs.com/ Frame B756 0
844 B 23ms
22ms Ping
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmariopartylegacy.com%2F&e=wqT_3QKRBvBMEQMAAAMA1gAFAQiDp9OXBhCD-9TvpLX7q3QYhMyYqbjGl6RgKjYJd2fttgvNhT8RjDGwjuOHgj8ZAAAA4HoU-j8hjDGwjuOHgj8pd2cJJMgxAAAAQOF6lD8wgI2qBTimBkDlHkhlUKeiyyVY74NNYABohR14iPwFgAEBigEDVVNEkgEBBvBhmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCH-AC7pAB6gIdaHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHQJM3BwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ0eRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQnhOcWdGU3VUR2puY3JReHNFUmc0WFJ6Q21PNGRBM0VxdjdPdWUxOHlVS2FVX08zOXlKY3o1bVF5ZEgwa050Z3BCV2xULXZYTUNHanQ0OVE4T2hKeGVqdVdQTFEmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODM4MzQzMDU0NzA4MTYwODU3OSIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOdyS_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFmvSHpbfpm_cjwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFg85F-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0MDAxMDc2MzgwMLoHDwgAASlEIAAwADi0BEAAyAeI_AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=16e6df83afbae3992ee9dd03d32638031499e867&type=nv&nvt=5&jm=1003&px=436&py=261&bw=728&bh=90&sid=1089286951195314785&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11175552&sw=1600&sh=1200&pw=1600&ph=4897&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:39 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6625137e-9c04-4214-8ad4-69d65ed36592
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame 7059 0
100 B 82ms
24ms Document
text/plain 54.225.94.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.94.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-94-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 10:01:40 GMT
etag: "0d41d8cd98f00b204e9800998ecf8427e"
server: nginx
timing-allow-origin: *

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D86 0
745 B 20ms
20ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=987524&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=987524

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:40 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1ddec884-3933-4ada-8d29-358b56488e1f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 6603 76 KB
30 KB 81ms
80ms XHR
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1473dda63c79518d7170b5c32eeffcd56a60c7b1c3add672f6e0b3a0af5b5163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 10:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30905
x-xss-protection: 0

GET
H2

200

setuid
pbs.venatusmedia.com/ Frame 482E
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D
https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462

86 B
412 B

44ms
40ms

Image
image/png

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462
Protocol: H2
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:40 GMT
via: 1.1 google
content-type: image/png
pbs: nam
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:40 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-76
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 7E5F 220 KB
60 KB 68ms
23ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 7E5F 14 KB
5 KB 98ms
54ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 7E5F 94 KB
28 KB 101ms
57ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 7E5F 5 KB
2 KB 64ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 7E5F 40 KB
13 KB 65ms
22ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 236616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7E5F 8 KB
893 B 81ms
38ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:43:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:01:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:01:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E5F 2 KB
2 KB 19ms
19ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:15:20 GMT
x-content-type-options: nosniff
server: cafe
age: 6380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:15:20 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7E5F 295 B
319 B 20ms
20ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:15:20 GMT
x-content-type-options: nosniff
server: cafe
age: 6380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:15:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E5F 0
0 38ms
37ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiMcXkB9mcl15hnS4BcFGzw8BMrOP6-VzV5UXLMXvdWedjRnv4rJjWyI4cpmD5k-JXAnpyqNEo7N0wcMj0EqUAFlLF4Q
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7E5F 0
0 52ms
51ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca5vRg9P0Yp-NLJuPjvQP7fi3gAmltb3Ja_rHvazKEKDdz7_RCBABIIOb02lgyZbsirSk2A-gAcrl4L8CyAEJqQLOQliaznS0PuACAKgDAcgDCqoEjwJP0BLPeroext_GzSLWM9A2LFpIDN3hPTRL03fbq7RkVYXmQzUowpVtV1zMI8dSqkryNNUPeaWij927lvV7GOaOD_6gx78dsP_eQXxCTiKl3VxEn6gp0Nu-V8WH-eQxTiQWo0itj7c4w8XECkixtzpzjKyhY9o6uJXxv6HOT_4ajyoyYzQKS3PzHlM6M3K5hjGRAQ2w6ZNV1Ra_JRlwFoFj2IUgLsohvSpYb6d7_j60RVc4ICvHy03klxW4vWt0eKYt7iy7qMNP9Xmk9qeddm6i9Qg93m_IFWITyxI3QfrJdg1DnoIsh6Z3k_lr9tZlR1C7LPkV48OiDq1NCRF5whYZmNzfJ91uOajKx65s6fHzwASYi_ftkQTgBAGgBi6AB56an8ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmbUh0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi0xMDA0MzUyNDQ2MTUwMTEwgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTU3ODE1MzEyMDc1MDkyMzIY57Zt&sigh=RmcKYa9sq3c&uach_m=[UACH]&template_id=5000
Requested by: Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s33-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3561105316270857861/ Frame 7E5F 6 KB
6 KB 21ms
20ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3561105316270857861/downsize_200k_v1?w=195&h=102

Requested by

Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4779503132bf2f6ec2a7cd844de7cb3960c30cb18e13f05ee8e98f4f7b77ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 20:08:33 GMT
x-content-type-options: nosniff
age: 136387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6469
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 10:45:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 20:08:33 GMT

GET
DATA 200
OK truncated
/ Frame 7E5F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E5F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E5F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a2233250a9a47936cc5c622b851955f886c645648fdee92e0671e67a537c9fe

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 6603 30 KB
12 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 08:16:05 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6603 3 KB
1 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 09:30:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6603 140 KB
43 KB 113ms
68ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 10:01:40 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6603 26 KB
10 KB 24ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 09:29:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6603 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIDdwgcBXh_rKetuD1A10ZZmvYq9A1xWenjW_tmMLm1xDp1JPGtUaKRnElQp_w6OY5wlp5ZbaI50fm7ZOZhoxLUR6gHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6603 42 KB
16 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b71751f270ad0ccc4a3df02628f8f0bda77a1593499f8729baebe24d1452cc73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16423
x-xss-protection: 0
server: cafe
etag: 8567620576632772034
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:13:28 GMT

GET
H3 200 3454091636829220640
tpc.googlesyndication.com/simgad/ Frame 6603 30 KB
30 KB 36ms
35ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3454091636829220640?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnMj8REOozzqhiifZBWUD7qFrYJoQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3860d63dfab9ece2135b3409555633c607c2c5e5662a5069e337e7ce4271efbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:56:41 GMT
x-content-type-options: nosniff
age: 241499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30365
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 05:49:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 14:56:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6603 0
17 B 52ms
49ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7YdRg9P0YoWdFoqeoPwPzLC8-AWbr87da9DXqdinENiJhZ4LEAEg5pfWJWDJluyKtKTYD6ABqLzjhwLIAQKoAwHIA8kEqgTmAU_QBEvqBVXvQwFOBvBmOGM3eoLEe9HRcL2FI-M9Sg4Z4z8lcYvb5M0jQg1--DTkEloikEDxZSpJWx-exILZmulfhD5raV_r_khzdpF9ymdch2v0CTKrOvVeARAW1E7AKCJiNFuutOQiQqOEtU9DUoOJ9TS3HpcPGZ0fCXoHaU3peA7cDYUnU3hgba98m4Qn-TEdAAJFzBjoog7Pae1mMI5pEzeLJDVaiF15ksTUgS2KbIqCUeQHcTmGUcL6Ei5xADPP-tH398zfvMq259czaqm3-M3Py3Qk0boGDFqFAj5eGxqEuM0hwASY7KrKiQSSBQQIBBgBkgUECAUYBKAGAoAHwMOc-AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIIDwiAYRABGAAyAooCOgKAQPIIDmJpZGRlci0yODg0NTM0gAoEyAsB2BMM0BUBgBcBshcICgYIABIAGAA&sigh=his5ICrFgT8&uach_m=[UACH]&pr=10:0.010645&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 10:01:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6A8 143 B
163 B 20ms
20ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 09:11:42 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

36ms
36ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:01:40 GMT
expires: Thu, 11 Aug 2022 10:01:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 10:01:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7E5F 28 KB
28 KB 61ms
21ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mariopartylegacy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 48424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:34:36 GMT

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame 482E 0
0 164ms
133ms Image
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26%26us_privacy%3D%26f%3Di%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6603 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41af83d87985bd76f64344d51de99c0f134cc5c022cf0be4abb72d2710d56352

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame ED40 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:45:49 GMT

GET
H2

200

setuid
pbs.venatusmedia.com/ Frame 482E
Redirect Chain

https://cm-exchange.toast.com/bi/pixel?cm_mid=1908143852&toast_push&rest=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dnhnace%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%2...
https://pbs.venatusmedia.com/setuid?bidder=nhnace&gdpr=0&uid=QN2HRHYIIRPV432EC6PI7V4XA

86 B
495 B

40ms
39ms

Image
image/png

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.venatusmedia.com/setuid?bidder=nhnace&gdpr=0&uid=QN2HRHYIIRPV432EC6PI7V4XA
Protocol: H2
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
via: 1.1 google
content-type: image/png
pbs: nam
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Location: https://pbs.venatusmedia.com/setuid?bidder=nhnace&gdpr=0&uid=QN2HRHYIIRPV432EC6PI7V4XA
Date: Thu, 11 Aug 2022 10:01:41 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

POST
H/1.1 200
OK vevent
nym1-ib.adnxs.com/ Frame B756 0
844 B 18ms
18ms Ping
text/html 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmariopartylegacy.com%2F&e=wqT_3QKRBvBMEQMAAAMA1gAFAQiDp9OXBhCD-9TvpLX7q3QYhMyYqbjGl6RgKjYJd2fttgvNhT8RjDGwjuOHgj8ZAAAA4HoU-j8hjDGwjuOHgj8pd2cJJMgxAAAAQOF6lD8wgI2qBTimBkDlHkhlUKeiyyVY74NNYABohR14iPwFgAEBigEDVVNEkgEBBvBhmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCH-AC7pAB6gIdaHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHQJM3BwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ0eRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQnhOcWdGU3VUR2puY3JReHNFUmc0WFJ6Q21PNGRBM0VxdjdPdWUxOHlVS2FVX08zOXlKY3o1bVF5ZEgwa050Z3BCV2xULXZYTUNHanQ0OVE4T2hKeGVqdVdQTFEmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODM4MzQzMDU0NzA4MTYwODU3OSIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOdyS_gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODmoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFmvSHpbfpm_cjwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFg85F-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0MDAxMDc2MzgwMLoHDwgAASlEIAAwADi0BEAAyAeI_AXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AfE_weKCAIQAJUIAACAP5gIAQ..&s=16e6df83afbae3992ee9dd03d32638031499e867&type=pv&jm=1003&px=436&py=261&bw=728&bh=90&sf=1&sid=1089286951195314785&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=11175552&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:41 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: e944073d-12cd-4022-b99f-f1245be36766
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mariopartylegacy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D86 0
745 B 18ms
17ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=987524&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=987524

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:41 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 978b55ca-89e3-48e0-9bea-d8101294a619
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C019 42 B
64 B 43ms
42ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDxOqxDdFhDjuuAUI1MXTxohxWq78NUOmlLW8jseU0UCjuyaZ4m9srcbnne6CQyWnUi1LsdjY2jYRBq_Wu0TQZWs5TCJC2sOnP7R-41OVIgbXWVzeQHAJrUmahMU87PCrznFgjHb_SLP_-qGccoObQJvL3ZraOdtzlenN7STO6d5zM500zwCvGsJmqG1Mi7zufM5zyfMmMq-KiY_kOrf5WAGPiNxoaHfE5tb1GJwr8GAcyaPN6l1oPe2-wUPngoR0Kent43jc9-KMpSYrxDOK90eZr7kUtNExwThiIE4vD1_UfxUSZf3rgdeKCUW2sGCHB8TZB5H_IdwKWeaG69-hbNkn5nTjMBv8hTcArXPoMIaxSuDhRNHqaaRLkcfYCvW8uN9zySM7NdiyekgDjSUVTlXZNeU9uv_GgjDY97mirgVovzwZ0GBbn8cu9SR2hrPJuc93GqEKaOO0QgjSIcodEYc3hnHgHh-mfqZijeD6a2JvkAFQeytNijQONuTwo0W_MJa-NCE_otinpLSuMcP-V1BVA0W6r4cqSNK8H0gX-aDC1vUc7S5zOTxwef5I02HdUbPhw6UELcSAx4fgnt5d1QPf1fFCXxL1dyEKQkD-f0FooOpZA41CabWnSC2p2-u5ioLE7jyaBdGUwqcKcrEjozl_vX8GYTYmzhefGi6nVzanEYiOgMyIMfbJ8pGbtUSTP76YngpdtD0FhRf92jHjmRcqD_5R97Je2-u1k1RvUTCUm73Km6xpOTuJsz-Z2vZfodA-OcaW2w5AwPpnYekcoRAzV86NMlBpCeEsCyldUs1tqsAng-wT3E1qf5V5oFlN42IThaft9KrMLw7LyA8BsSsy4BwVpZe5zUbMehFNLdcJGqpJr2I4BnKUKwosMgTtZAlBYsUBp3oWpmWAzjtOmfJXuwhlmaGxLb4AghX_LK0iD69bdGg4RES5guQxSELn-_holgcHco0aSRlKzRx-r2HQJ8W7EesRYaRRPdSfOGd2wp22snyDk1q2fM3qxl4TDTlS0tz2KLNhNtAxC6VaiCNxbp5fN0O2HzuSQyNUMHon3dKnMZYAof6ztdKmHZQzR85RqGf2iCD8FI9yQUjmS7V0mAepT87khPO9cQjedINl5wZDnq_5wVT0&sai=AMfl-YThckCCr0WkYVQrahGXyUIAL53SQi4hhdes-c-i5puGvwotlL5124NW2v71K-pD2f1yvr6InMwm0x8Rc1gs-37oixUuJJb-5Pa8yizeFWz87cDoN6npF-_tjFuDeOQgKkXmF1sZW03W1-XBnA&sig=Cg0ArKJSzDjZxF5ku-gyEAE&id=ampim&o=1100,455&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=395&tls=1396&g=99.92499947547913&h=99.92499947547913&tt=1396&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3997522798

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame AC81 0
99 B 24ms
24ms Document
text/plain 54.225.94.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.94.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-94-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
date: Thu, 11 Aug 2022 10:01:41 GMT
etag: "0d41d8cd98f00b204e9800998ecf8427e"
server: nginx
timing-allow-origin: *

GET
H3 200 connectmyusers.php
cdn.connectad.io/ Frame 482E 0
0 149ms
128ms Image
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr=&consent=&us_privacy=&cb=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26%26us_privacy%3D%26f%3Di%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7E5F 42 B
64 B 47ms
46ms Image
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoHVNO-KrN2r3BWqe05ooyKmwEb5Pkh5U3aYAjQ_H8wwoXY_JqK9ksUJaDM-8mp1VjitTPJi97KnM7_bsBJ83H8jZR5LcJ30KtoZEZYBy6sJxO1L9lZihieJmHhfj1I7Cf3n5RlG5TQ-kvQMPYkX9hWq-jylnfE_oeW3ror2Xg-aafU20UwQY6She-V_wCdv4y5OkjT96mWDSpIX12tIjuaxzHpwo74SCPMjvvxO1znr7p6seYIkddXdkuK7yTbbA-1hOc0G6tu-fzHdc1Vz6KFuyL_YGh8kAvm7TXopat0hmxkSWJEbdioBaI5ItX9Oe7sn-7m-Wu-4o21QzV7NpLW_xZoLW6UTWqJ790GhAqoOWsDB52XXjlpoEmOLALU8r0FnncVoTrf7ETLtQbF5xIEDSDhm-I-Tx79TRvhvXldU2BimybIQaNH8VLnozRPg4gU22W4CCImk7ejpovYQHV91Yya0K6jVqhbMcW5tLIcVjzVPNISq8a29Mum-UtG50LYAXKb8Cwb3-YX7dxORLWU5b61ITnut1wHtoht7LYeS5RzZBdQvItptjdCtKOZiAJR1vCcVs-D3UmXg242fFOul3BRWbRG4a3GZOTop3VebaqJURfCnUvANGhy5trnNp-4uhcskZFpbJvXGislvz492_2IfuhUcfGEXaUSKeNovgAgfa6XhDS8moT3Iv-6c5f_dkuNyTPIe6YsxlHif540wenvIyLy03al2BkpVmTUp-PUyU6qTn1HbBEZlfb4x_5XH70rU3NWcA0XCZbwDjPUJpZAjpQanGs954Bw3c2sAugAbJhrBnqlWjOJ_p2cyh77VeT3ci9LsvHYPnDxvcuaPTR0_1WxzWuS0Ipfvmej1ndihKhe0a3OyyBHQjC9tCQ20e9Gf72M0vpoJHiqjWbu8x4x9LKB2t8LWway9o-IjYJgtFbHn5keLdKKkvEb0DL_j_L1pd2uU8sRmCRW6iPkBH0uF8GUDoMuXAn8EedJc33jcyV498NsxpEJ7hlonNWryQIfkhgIYeY8FuLDK_8ESiWvuXnZLaNcOk4jgoIrPD-8HldHLD7zsauGom807V8k_Dblavm_ePz9sQWbVmiS9D8BME7l7hRaqtTWcPtII2BTXn9Q_NNkOkk&sai=AMfl-YQKpOMLr2D2305_F_njaAqSgvdea1uTLYJ5Zhr3yLh-vZhgX6Q5Lhfnc5tT0rU0bGsxTIwzhWtJdCNmiSDWUsUV9eIMh7w_tIxlN-1Bj6VW4cSLjRhI5e9KIMSLwZFhZtP_qSpnh6vzAg&sig=Cg0ArKJSzA8mdXrpNsxVEAE&cid=CAASFeRoqoAwfj4XppNeWhdUTYluJ_zqiw&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=156&tls=1156&g=100&h=100&tt=1156&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3875135371

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6603 42 B
64 B 87ms
45ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueHMv1Vf05vK53_jyHCZA_CTCIUN-JWb4R6rZ27h339gl2oOga8cpK7jMOz7s_Q88iOfbF_zIXFcmTVtjquKPhXorfJZUizxucO4uP7Fwwjngy1KykNR7mcHlJW1RUtSy3Iy0-ruP9lg&sig=Cg0ArKJSzIOTzHlqYEUtEAE&cid=CAASFeRod7cNn57SitJIPRX_njACuGGXyg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4083136531&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660212099852&rpt=544&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid Show response
pbs.venatusmedia.com/ Frame 4274
Redirect Chain

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26ui...
https://ib.adnxs.com/getuid?https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$UIDbrt54381660212099114682a1
https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6937898801334461956brt54381660212099114682a1

0
508 B

40ms
40ms

Document
text/html

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6937898801334461956brt54381660212099114682a1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Thu, 11 Aug 2022 10:01:41 GMT
expires: 0
pbs: nam
pragma: no-cache
via: 1.1 google

Redirect headers

AN-X-Request-Uuid: 197301e5-23a5-4aee-8df6-026ea6acc74f
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Aug 2022 10:01:41 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=6937898801334461956brt54381660212099114682a1
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

setuid
pbs.venatusmedia.com/ Frame 482E
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%25%25VGUID%25%25
https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205

86 B
707 B

39ms
39ms

Image
image/png

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205
Protocol: H2
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
via: 1.1 google
content-type: image/png
pbs: nam
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-674f655b67-nwt97
expires: -1

GET
H2

200

setuid
pbs.venatusmedia.com/ Frame 482E
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%25%25VGUID%25%25
https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205

86 B
701 B

39ms
39ms

Image
image/png

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205
Protocol: H2
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
via: 1.1 google
content-type: image/png
pbs: nam
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://pbs.venatusmedia.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=4hzrCZaRw7Zn&ev=1&pid=561205
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-674f655b67-nwt97
expires: -1

GET
H2

200

setuid
pbs.venatusmedia.com/ Frame 482E
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D
https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462

86 B
701 B

40ms
40ms

Image
image/png

35.209.198.18
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462
Protocol: H2
Server: 35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.198.209.35.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
via: 1.1 google
content-type: image/png
pbs: nam
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:41 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-76
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pbs.venatusmedia.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=16c8a101-681c-4082-9b38-3d266cf85462
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
24ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmariopartylegacy.com%2F&domain=mariopartylegacy.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://mariopartylegacy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 Aug 2022 10:01:41 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1175
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 482E
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmariopartylegacy.com%2F&domain=mariopartylegacy.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=zAvfKXxrd0RqS0U0VTMxMm1ieGNkbnBTL3ZIaDVrRk5tUENNSVJMU1hGYkVveVZqSGRvLzROcy9FMmRGOTBlVnE2UUU3S25SWEZsQ2xScjY2OGY5cXU4VmlGMVpQNXpBaGFETlQ1UzZia3pXcGtxRmUrbkg5TUd2NlA3U3...

382 B
640 B

70ms
25ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zAvfKXxrd0RqS0U0VTMxMm1ieGNkbnBTL3ZIaDVrRk5tUENNSVJMU1hGYkVveVZqSGRvLzROcy9FMmRGOTBlVnE2UUU3S25SWEZsQ2xScjY2OGY5cXU4VmlGMVpQNXpBaGFETlQ1UzZia3pXcGtxRmUrbkg5TUd2NlA3U3M0ZjlhQkowTFFsREY0cllKY09Ea3ZYYzdXYmc1Sk5MVzJsWWtmeW5JMW1nOEdqaGJUYkNVbXQwMW5rVW9mQ2VoUlhrb2ZRZDAvKzBPRUNIWjN6Ymp3SDNrZHkydUJqa3J3YTZIOFpYVEkzS1RHZysrbjVBSTk0aE83eDBkekdGc0ZtSzVwaG9yfA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

24e1ceb699c6e9aee981e3ce3aaffe62ccdab8ce365a5b0c878e9026c5667338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2745
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
location: https://mug.criteo.com/sid?cpp=zAvfKXxrd0RqS0U0VTMxMm1ieGNkbnBTL3ZIaDVrRk5tUENNSVJMU1hGYkVveVZqSGRvLzROcy9FMmRGOTBlVnE2UUU3S25SWEZsQ2xScjY2OGY5cXU4VmlGMVpQNXpBaGFETlQ1UzZia3pXcGtxRmUrbkg5TUd2NlA3U3M0ZjlhQkowTFFsREY0cllKY09Ea3ZYYzdXYmc1Sk5MVzJsWWtmeW5JMW1nOEdqaGJUYkNVbXQwMW5rVW9mQ2VoUlhrb2ZRZDAvKzBPRUNIWjN6Ymp3SDNrZHkydUJqa3J3YTZIOFpYVEkzS1RHZysrbjVBSTk0aE83eDBkekdGc0ZtSzVwaG9yfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1457
content-length: 509
expires: 0

POST
H/1.1 200 258.json Show response
id5-sync.com/g/v2/ Frame 482E 454 B
1 KB 305ms
98ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

81c9d386bf70881a66e6f8a6fdc414b4810f5c9d646d2bdf14a5b99b12eb5a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://mariopartylegacy.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 482E 109 B
546 B 77ms
24ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 333488f30102b79e9db1c460441745a9dfb27b9480c74f1d8b2f913aefad1c75

Request headers

Referer: https://mariopartylegacy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 10:01:42 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mariopartylegacy.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 10 Sep 2022 10:01:42 GMT

GET envelope
api.rlcdn.com/api/identity/ Frame 482E 0
0

GET
H2

200

match
na-ice.360yield.com/ Frame 482E
Redirect Chain

https://server.cpmstar.com/usersync.aspx?publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=390&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/m...
https://na-ice.360yield.com/match?publisher_dsp_id=390&external_user_id=2-0qox_TpYzHmoQREvah0

43 B
426 B

27ms
26ms

Image
image/gif

35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na-ice.360yield.com/match?publisher_dsp_id=390&external_user_id=2-0qox_TpYzHmoQREvah0
Protocol: H2
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:01:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:01:41 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Location: https://na-ice.360yield.com/match?publisher_dsp_id=390&external_user_id=2-0qox_TpYzHmoQREvah0
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 214
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/ Frame 482E
Redirect Chain

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/m...
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=191&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=4cc6924a-c7e3-53df-8d83-2fc0ef77fc46&ssp=improve&expires=30&user_group=1&gdpr=&gdpr_consent=
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5e9bf41d-aeb4-4dd9-8da4-ec18ec2daa04

43 B
575 B

27ms
26ms

Image
image/gif

35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5e9bf41d-aeb4-4dd9-8da4-ec18ec2daa04
Protocol: H2
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:01:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: //ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5e9bf41d-aeb4-4dd9-8da4-ec18ec2daa04
Date: Thu, 11 Aug 2022 10:01:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 482E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2ad90b69-9651-409e-86e0-ac8e4568fb8c
https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2ad90b69-9651-409e-86e0-ac8e4568fb8c&verify=true
https://prebid.a-mo.net/setuid/yahoo?uid=y-HzK0aVBE2uEVboceid6muD.3eu1xmxkiJv6fjoY-~A&gdpr=0&gdpr_consent=

0
112 B

25ms
25ms

Image
text/plain

145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-HzK0aVBE2uEVboceid6muD.3eu1xmxkiJv6fjoY-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-HzK0aVBE2uEVboceid6muD.3eu1xmxkiJv6fjoY-~A&gdpr=0&gdpr_consent=
date: Thu, 11 Aug 2022 10:01:42 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 482E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
https://prebid.a-mo.net/setuid/magnite?uid=L6OVF26A-1L-LOM1&gdpr=0&us_privacy=1---

0
126 B

25ms
25ms

Image
text/plain

145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=L6OVF26A-1L-LOM1&gdpr=0&us_privacy=1---
Protocol: H2
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://prebid.a-mo.net/setuid/magnite?uid=L6OVF26A-1L-LOM1&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
Expires: 0

GET
H2

200

match
na-ice.360yield.com/ Frame 482E
Redirect Chain

https://gu.dyntrk.com/adx/id/us.php?dynk=i2mpr0vd1g7&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.36...
https://gu.dyntrk.com/adx/id/us.php?dynk=i2mpr0vd1g7&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=370&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.36...
https://na-ice.360yield.com/match?publisher_dsp_id=370&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_call_type=redirect&external_user_id=06030002_62f4d3864f44c

43 B
492 B

28ms
27ms

Image
image/gif

35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na-ice.360yield.com/match?publisher_dsp_id=370&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_call_type=redirect&external_user_id=06030002_62f4d3864f44c
Protocol: H2
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:01:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Thu, 11 Aug 2022 10:01:42 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://na-ice.360yield.com/match?publisher_dsp_id=370&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_call_type=redirect&external_user_id=06030002_62f4d3864f44c
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

cookie
cm.adform.net/ Frame 482E
Redirect Chain

https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c&gdpr=0&gdpr_consent=&us_privacy=1---
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%...
https://prebid.a-mo.net/cchain/0/330?gdpr=0&gdpr_consent=&us_privacy=1---&A=2ad90b69-9651-409e-86e0-ac8e4568fb8c&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnV...
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e45...

43 B
106 B

390ms
108ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%253D%26uid%3D%24UID
Protocol: H2
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:42 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F330%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2ad90b69-9651-409e-86e0-ac8e4568fb8c%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yYWQ5MGI2OS05NjUxLTQwOWUtODZlMC1hYzhlNDU2OGZiOGM%253D%26uid%3D%24UID
date: Thu, 11 Aug 2022 10:01:42 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame 482E 43 B
551 B 89ms
32ms Image
image/gif 23.41.168.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=80fb75f7-8828-4e16-be8d-9e08b4c0ff2d&publisher_dsp_id=5&publisher_call_type=redirect&publisher_redirecturl=https://na-ice.360yield.com/match
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.211 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-211.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:01:42 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 11 Aug 2022 10:01:41 GMT

GET
H2

200

match
ad.360yield.com/ Frame 482E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ODBmYjc1ZjctODgyOC00ZTE2LWJlOGQtOWUwOGI0YzBmZjJk&dsp_callback=0
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEA3IlcXp_bKTLqnrzTnaIUw&google_cver=1

43 B
433 B

84ms
26ms

Image
image/gif

35.175.46.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEA3IlcXp_bKTLqnrzTnaIUw&google_cver=1
Protocol: H2
Server: 35.175.46.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-46-39.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:01:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEA3IlcXp_bKTLqnrzTnaIUw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 237ms
24ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 Aug 2022 10:01:41 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1104
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 482E 87 KB
28 KB 305ms
45ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:42 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 10:01:42 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1151 15 KB
6 KB 25ms
25ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mariopartylegacy.com

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

179d24471f149868157b3b0ab265d6cc20c30f0e395d84dc1ca558185d6776ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mariopartylegacy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 10:01:42 GMT
server-processing-duration-in-ticks: 2152
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 482E 87 KB
28 KB 74ms
27ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mariopartylegacy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:01:42 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 10:01:42 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1151
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=mariopartylegacy.com&sn=ChromeSyncframe&so=3&topUrl=mariopartylegacy.com&bundle=ATRtOV9vNmFqY0tvOWZiRmJRUDlhciUyRm9ORGJqaG1xRjNxWFJMWjJieU...
https://mug.criteo.com/sid?cpp=_u4w6HxGb2FsMVFrUnJIcUExOENKQXhCYklrZnZ6UVBHM2g1SzBhYlJCT0d5WDdZckRBa252ZHc2N2V5YURReE83eEl0TU9IcEJpUFZmazFlWE8vU3htTDZDMTN6dG93OElFQXVRSFMxYkkzN2tvQ2ZZNThndEpHbm9RdE...

465 B
654 B

26ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_u4w6HxGb2FsMVFrUnJIcUExOENKQXhCYklrZnZ6UVBHM2g1SzBhYlJCT0d5WDdZckRBa252ZHc2N2V5YURReE83eEl0TU9IcEJpUFZmazFlWE8vU3htTDZDMTN6dG93OElFQXVRSFMxYkkzN2tvQ2ZZNThndEpHbm9RdExkZE1KVllDS2wwb0FZNUI0SS9KaldoVXlZSXpsK2kvZ1hrNkEyV29wMER1b3FNY1k5RUhmd2VKamhTcFZycGpxYTFyMlgyK3lEYlpxTjZRNFl6dndkK0cvK055VS94MjFHM2IrWWQvUFpIQWp2QVA0OUdOaldUaUVGRkIxQjBDMUhhOUlQcjY3RnkwUkgvdHNTd0YwblBUaDNxU3JSZldSR3JvTnIxUXVSRElRNkpYN2dhOD18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

cba8aff0bf27b5dc871491d25c33f79bcda532bb7973653d06e8964ba1d93593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:42 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4988
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:01:41 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_u4w6HxGb2FsMVFrUnJIcUExOENKQXhCYklrZnZ6UVBHM2g1SzBhYlJCT0d5WDdZckRBa252ZHc2N2V5YURReE83eEl0TU9IcEJpUFZmazFlWE8vU3htTDZDMTN6dG93OElFQXVRSFMxYkkzN2tvQ2ZZNThndEpHbm9RdExkZE1KVllDS2wwb0FZNUI0SS9KaldoVXlZSXpsK2kvZ1hrNkEyV29wMER1b3FNY1k5RUhmd2VKamhTcFZycGpxYTFyMlgyK3lEYlpxTjZRNFl6dndkK0cvK055VS94MjFHM2IrWWQvUFpIQWp2QVA0OUdOaldUaUVGRkIxQjBDMUhhOUlQcjY3RnkwUkgvdHNTd0YwblBUaDNxU3JSZldSR3JvTnIxUXVSRElRNkpYN2dhOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1570
content-length: 567
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mariopartylegacy.com/	1970-01-20 14:46:12	Name: _ga Value: GA1.2.962445684.1660212098
.mariopartylegacy.com/	1970-01-20 05:11:38	Name: _gid Value: GA1.2.644113614.1660212098
.mariopartylegacy.com/	1970-01-20 05:10:12	Name: _gat_gtag_UA_84394370_1 Value: 1
mariopartylegacy.com/	1970-01-20 05:53:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mariopartylegacy.com/	1970-01-20 05:50:31	Name: sharedid Value: 47221576-9c64-4479-9d42-19335bcb1241
.omnitagjs.com/	1970-01-20 05:53:24	Name: ayl_visitor Value: 04184b1c96a78399a31442baaa0ab5c2
.lijit.com/	1970-01-20 13:55:48	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/	1970-01-20 13:55:48	Name: khaos Value: L6OVF26A-1L-LOM1
.360yield.com/	1970-01-20 07:19:48	Name: tuuid_lu Value: 1660212099
.360yield.com/	1970-01-20 07:19:48	Name: tuuid Value: 80fb75f7-8828-4e16-be8d-9e08b4c0ff2d
.openx.net/	1970-01-20 13:55:48	Name: i Value: 06bdc65a-7192-46c5-a7a6-10bfa919ad66\|1660212098
.adnxs.com/	1970-01-20 07:19:48	Name: uuid2 Value: 6937898801334461956
.emxdgt.com/	1970-01-20 07:19:48	Name: uid Value: 54381660212099114682a1
.a-mo.net/	1970-01-20 13:55:48	Name: amuid2 Value: 2ad90b69-9651-409e-86e0-ac8e4568fb8c
.prebid.a-mo.net/	1970-01-20 13:55:48	Name: sd_amuid2 Value: 2ad90b69-9651-409e-86e0-ac8e4568fb8c
.prebid.a-mo.net/	1970-01-20 13:55:48	Name: __amc Value: 2_1660212098_1660212099
.adnxs.com/	1970-01-20 07:19:48	Name: icu Value: ChgIhKM8EAoYAiACKAIwg6fTlwY4AkACSAIQg6fTlwYYAQ..
.smartadserver.com/	1970-01-20 13:55:48	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 321617=5053561
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 13:55:48	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 13:55:48	Name: pid Value: 492068592363436403
.smartadserver.com/	1970-01-20 05:11:38	Name: sasd2 Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637958088994994704&o=1
.smartadserver.com/	1970-01-20 05:11:38	Name: sasd Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.mariopartylegacy.com/	1970-01-20 14:31:48	Name: __gpi Value: UID=000008798506d3c8:T=1660212099:RT=1660212099:S=ALNI_MagE2jcs4KeRTn4-y3ALL60TEawsQ
.doubleclick.net/	1970-01-20 14:46:12	Name: IDE Value: AHWqTUnyNmuMDjUulkq2U0aMzWF967hYjKZOLMfdmtb-3LPMroM-svHotd2OFXfzrk4
.mariopartylegacy.com/	1970-01-20 14:31:48	Name: __gads Value: ID=9b8c0cec42078464:T=1660212098:S=ALNI_MaWl94XAxlturb7NnvcljmCyGRa4A
.go.sonobi.com/	1970-01-20 05:53:24	Name: __uis Value: 16c8a101-681c-4082-9b38-3d266cf85462
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8756\|YvTTe
.doubleclick.net/	1970-01-20 05:10:15	Name: DSID Value: NO_DATA
.toast.com/	1970-01-20 14:46:12	Name: BID Value: QN2HRHYIIRPV432EC6PI7V4XA
.contextweb.com/	1970-01-20 13:48:36	Name: V Value: 4hzrCZaRw7Zn
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a0813ed3edc1a26e
pbs.venatusmedia.com/	1970-01-20 07:19:48	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsic29ub2JpIjp7InVpZCI6IjE2YzhhMTAxLTY4MWMtNDA4Mi05YjM4LTNkMjY2Y2Y4NTQ2MiIsImV4cGlyZXMiOiIyMDIyLTA4LTI1VDEwOjAxOjQxLjgyNDI5NloifSwicHVsc2Vwb2ludCI6eyJ1aWQiOiI0aHpyQ1phUnc3Wm4iLCJleHBpcmVzIjoiMjAyMi0wOC0yNVQxMDowMTo0MS43NTg0NloifSwibmhuYWNlIjp7InVpZCI6IlFOMkhSSFlJSVJQVjQzMkVDNlBJN1Y0WEEiLCJleHBpcmVzIjoiMjAyMi0wOC0yNVQxMDowMTo0MS4yOTE5NTJaIn0sImVteF9kaWdpdGFsIjp7InVpZCI6IjY5Mzc4OTg4MDEzMzQ0NjE5NTZicnQ1NDM4MTY2MDIxMjA5OTExNDY4MmExIiwiZXhwaXJlcyI6IjIwMjItMDgtMjVUMTA6MDE6NDEuNTY1NDMxWiJ9fSwiYmRheSI6IjIwMjItMDgtMTFUMTA6MDE6NDAuMzE3ODQ4WiJ9
mariopartylegacy.com/	1970-01-20 05:10:15	Name: _lr_retry_request Value: true
mariopartylegacy.com/	1970-01-20 05:53:24	Name: _lr_env_src_ats Value: false
.prebid.a-mo.net/	1970-01-20 05:11:38	Name: _sv3_2 Value: 1
.adsrvr.org/	1970-01-20 13:55:48	Name: TDID Value: b725c0e9-adfc-44e2-96c2-1c7bc8911c04
mariopartylegacy.com/	1970-01-20 06:36:36	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22b725c0e9-adfc-44e2-96c2-1c7bc8911c04%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-11T10%3A01%3A42%22%7D
.mathtag.com/	1970-01-20 14:36:07	Name: uuid Value: 6da962f4-d386-4b00-aa67-bd218d993c15
.yahoo.com/	1970-01-20 13:56:09	Name: A3 Value: d=AQABBIbT9GICEJjgf2Uh_cb1X4oemqZe7goFEgEBAQEl9mL-YgAAAAAA_eMAAA&S=AQAAAut4RP7aCb6-4IdvgsGwVH8
.server.cpmstar.com/	1970-01-20 14:46:12	Name: USER_ID Value: %db%ed*%a3%1f%d3%a5%8c%c7%9a%84%11%12%f6%a1
.rubiconproject.com/	1970-01-20 13:55:48	Name: audit Value: 1\|mFVHqHkj5bHPbz7RnVjRgu1WuCoMxA8a+JUixCbOKdphv8Yy5/+mO4dtmc8jOBTyvRotF4iJ/qFOcqJqNU5OLBqjD3we6qaJzG6FmltYou0hIyAGkp/6gE3OYGmoobl7
.bidswitch.net/	1970-01-20 13:55:48	Name: tuuid Value: 5e9bf41d-aeb4-4dd9-8da4-ec18ec2daa04
.bidswitch.net/	1970-01-20 13:55:48	Name: c Value: 1660212102
.bidswitch.net/	1970-01-20 13:55:48	Name: tuuid_lu Value: 1660212102
.dyntrk.com/	1970-01-20 13:55:48	Name: dyn_u Value: 06030002_62f4d3864f44c
.analytics.yahoo.com/	1970-01-20 13:55:48	Name: IDSYNC Value: 196y~26iy
.prebid.a-mo.net/	1970-01-20 05:11:38	Name: _sv3_7 Value: 1
.casalemedia.com/	1970-01-20 13:55:48	Name: CMID Value: YvTThjwJ8TF2cBsQFeD8LgAA
.casalemedia.com/	1970-01-20 07:19:48	Name: CMPS Value: 467
.casalemedia.com/	1970-01-20 07:19:48	Name: CMPRO Value: 467
.prebid.a-mo.net/	1970-01-20 05:11:38	Name: _sv3_9 Value: 1
.casalemedia.com/	1970-01-20 07:19:48	Name: CMTS Value: 146
.prebid.a-mo.net/	1970-01-20 05:11:38	Name: _sv3_8 Value: 1
.id5-sync.com/	1970-01-20 07:19:48	Name: id5 Value: 528283fe-6211-476b-962b-193416e90d12#1660212102467#1
.mariopartylegacy.com/	1970-01-20 14:31:48	Name: cto_bidid Value: JOLZXF9kbEolMkZxJTJGTnlIcWRlMjRxOE5GRW1XbkRFc09FdDNRRFRicUlwYmk2SG5lWUhWdTBIRFBYUldVNlV3ZG1GSTVERW4yaVdwbSUyRjV3dDludlVnWUJVTlNySDNna3JtTVhJeVZPcmc3NjREJTJGU0NnJTNE
.criteo.com/	1970-01-20 14:31:48	Name: uid Value: 57d9014f-0bbb-46f9-9fcd-671947a4976d
.mariopartylegacy.com/	1970-01-20 14:31:48	Name: cto_bundle Value: c8g9rV9vNmFqY0tvOWZiRmJRUDlhciUyRm9ORGZjSmFuTVRLY0E5ejg3UyUyQm9VdzZWZ2Y4dWREdW9wZTJ3JTJCJTJCcHQ2bWFrQkVCVVVHRkFIUURlVk9Ia2VrWFFFMVVrZ1lvelhyQ0hlJTJGUFdNN3FnM0oyaVM1TFBRS1hoSGdjbzNudTl6MHVQa2dqbzZTVzhZRUowaDZqSVE4aWEyNVUlMkYyNHNwRnRPdWE4bkNKc3J1d2g4TDQlM0Q
.betweendigital.com/	1970-01-20 13:55:48	Name: dc Value: was1
.betweendigital.com/	1970-01-20 13:55:48	Name: tuuid Value: 4cc6924a-c7e3-53df-8d83-2fc0ef77fc46
.betweendigital.com/	1970-01-20 13:55:48	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:55:48	Name: ut Value: YvTThwAAVfBFwl91kirT3TWhHZobenKiQkQByQ==
.360yield.com/	1970-01-20 07:19:48	Name: um Value: !390,nedVzhs56P.k7nCauaFtKTcHwZYkjeBESmATQuLUyPgaGoY=,1667988102!370,1aNsI4HZ171MMPd2YZ7phFmqQU9H1VpSuZWkmuctOgea2o3l,1667988102!191,FFUqVT0PSt1wjxHk0WQCJTVD-7GGxgewjrk9uGKjzKM8ScLDUKsooz.GlMgxH0mG3bE=,1667988103
.360yield.com/	1970-01-20 07:19:48	Name: umeh Value: !390,0,1722420102,-1!370,0,1722420102,-1!191,0,1722420103,-1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://mariopartylegacy.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://mariopartylegacy.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cs.emxdgt.com/umcheck?apnxid=6937898801334461956&redirect=https://pbs.venatusmedia.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
ads.betweendigital.com
adservice.google.com
ap.lijit.com
api.rlcdn.com
ats.rlcdn.com
bh.contextweb.com
bidder.criteo.com
cdn.adnxs.com
cdn.ampproject.org
cdn.connectad.io
cdn.syndication.twimg.com
cm-exchange.toast.com
cm.adform.net
cm.g.doubleclick.net
cs.emxdgt.com
d1oykxszdrgjgl.cloudfront.net
ea5dc0ce754a568f35231756f7620238.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
free.xjs.lol
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id5-sync.com
mariopartylegacy.com
match.adsrvr.org
mug.criteo.com
na-ice.360yield.com
nym1-ib.adnxs.com
pagead2.googlesyndication.com
pbs.twimg.com
pbs.venatusmedia.com
pixel.mathtag.com
pixel.rubiconproject.com
platform.twitter.com
prebid.a-mo.net
prg.smartadserver.com
rtb.gumgum.com
script.4dex.io
securepubads.g.doubleclick.net
server.cpmstar.com
ssum.casalemedia.com
static.criteo.net
sync.go.sonobi.com
syndication.twitter.com
tpc.googlesyndication.com
track.venatusmedia.com
ups.analytics.yahoo.com
venatusmedia-d.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
103.243.202.190
104.152.168.8
104.18.19.126
104.244.42.200
108.178.23.114
13.226.39.113
135.148.35.200
138.199.40.58
141.95.98.66
142.250.80.2
142.250.80.98
145.40.89.200
15.197.193.217
151.101.1.108
151.101.65.108
173.223.56.228
178.250.0.165
195.244.31.11
198.148.27.140
198.24.170.50
23.105.12.161
23.41.168.211
2600:9000:210b:3000:0:1651:6140:21
2602:803:c002:200::116
2606:2800:21f:5b71:3e29:d001:be46:4bcc
2606:2800:220:13d:2176:94a:948:148e
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::6816:2e8e
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::2008
2607:f8b0:4006:824::2003
2620:100:a001::4
2620:100:a001::c
2a04:4e42:46::159
34.95.69.49
35.175.46.39
35.209.198.18
35.211.178.172
35.244.159.8
37.157.3.29
44.208.243.83
52.45.33.138
54.154.21.36
54.225.94.43
63.251.86.51
68.67.160.186
68.67.179.155
69.166.1.10
74.119.119.139
8.43.72.98
96.46.186.57
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02d7ec61ba9ff1f911d41e5d3585e8e109d0614b69bba0e6b70484193dba93b3
04e335d4d6e4403b6be6ab4c8b75b2a59c060e00f8b36a2e8626b4de3ff3da3b
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0801d8045c86660a7b29dcf4025273c8ad6dd45d89fd1ea13f608d074b13406f
0812fe1eca87b53058cf954b36e8b6c12fb15da281f92386acf6f0d800a2acbc
095ce7913e543fa079a0e91c892304486f466f5d3c8ea49d50501a1d08ddd72d
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
09c31a631cce7c0a5660a3c202a0bcb0f6e2a4e5aff9b533b68243839fad0d6e
0a2c2dc82b96627abaafb2527020c824af825987cb008f0ca3577e62b3e2883c
0edaf21554e0889aed8de9ec9e662e8247f3fad31fd795914a8822681bea1913
1110ab9b45bb1a2db197f78779e4318e0354d5c60eae1662111ab71f449cdd7d
12b0b58c95b4f68138c0e7bd8ef877fd58af5d204be750dbb975c3ad1cdb43f6
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
1473dda63c79518d7170b5c32eeffcd56a60c7b1c3add672f6e0b3a0af5b5163
160f7cfb6f024be09a40b462ca0b3d04b1e5fa1adf0b18b323dfa20255b583fc
1775ff5d45b1e62abda94567eafe1a1c49665d16bde9145e7344a39bfd5abf15
179d24471f149868157b3b0ab265d6cc20c30f0e395d84dc1ca558185d6776ad
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185c0125cf9c057803cea7fb15e7a54fb1f96b6783ce07b369f699a05222e4e2
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
2047061dc2b49a85098ff5ee1e3423422645b1e9c999f4c7f0fd3f26e363efd3
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
22ef4342b29ba9a78eed291312a4e0f398f649a0d08f563320882ff35b18d571
24e1ceb699c6e9aee981e3ce3aaffe62ccdab8ce365a5b0c878e9026c5667338
291a322a80d7dbf8b2f378b0ab01747f0ad26830e3033f7ef13cca6641e07941
2af76dc22473bbf2a49ff3caa8cd3d96a9153196eb49c1680471ab77c9748757
2d725844de8c1de7aae652426ce2c75e3b9fe1509afb0ea6bd11b8bec0134372
2e5a3c6860e4f51565416c539d4e41c9f49fe7798665b26667b3c2f8d9b09afd
2ec2fb171e1620562e36b696354c0aeb30f901ac6d5797a01b2301c8645de308
333488f30102b79e9db1c460441745a9dfb27b9480c74f1d8b2f913aefad1c75
353161bc1a5a51ff9bb30407cfa29add8b95dcce2ff3725bc35169f3a3953069
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3860d63dfab9ece2135b3409555633c607c2c5e5662a5069e337e7ce4271efbb
3a458b43ff12f80e48228c3616448c86cfa41f62d2afe7462a4b0cd452e1ec49
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4016e5c000f30547fe4c066aa2afad9f2ca5db3d6717b4d0990fecfd1a301507
4087bec4d792d53309236b3da78efb45affedf853147c99bfbfe2bb785c7326b
411558f9a45b4b5ef2cbe8c2e3787b4dda0d1723483a4547f3984d8d0f0dc0b7
41af83d87985bd76f64344d51de99c0f134cc5c022cf0be4abb72d2710d56352
424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f8bc68db1f9274972b51b3283af08ff15be71bb41d448eaa9b4f9cee9acee1
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46f826ce2e6f25a50e5126d4fd8864853c9509b2de9cd4ad2605f364888a31d5
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b08db1943e625c7da2ec361aa24cb0e3d4bf4adaa0f715e8bde10732b11b360
4c65483f42b44d20cec8adc80e9bffb52b8896c97e5a3225dafa17a80e15b372
4cb32ec64c172379f3b33674d6ad45d1c5bb38601e17b9ee43597ba17a5c5350
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d3cf04ef7b532a3a693e8a401136c6690f774201d67d172acdd2674c6d83157
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
50a851e128d4680cbfa1729eee45b9381a76c7e7ed17f1f0b21d96532d3f546e
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
52020354ae529af5b5b75613ac0f409ac978bdf73fdab032163ff58bbdc92bc9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a389705b863e35578972d0a336c9cb65c962a5599314629159c47ba46ddcd0
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5b32009d78e3905b5795e394e00cb3fb5afbb912622323c581bbb856dfb560d5
5e939f7f2ddb20f90b0d03ff858ab310c3573e20abf16dd1f62609d0c06f9789
5f0d0dc37da096042a77e53ce42fdcc6152a6e606f453ab038cedd7dc088ddb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c34b945902ab85a4d8134bcbef2309558cef9b344777023e3acfac754ad430
6225df10b0d2fee3e493d36aca6648a8fc5887715c5e5b8ce19aff674d94f767
627ee2509310793db792efd25325aa4ab2d6aee538cb0ab4f09e59713071c1d4
628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489
63440413f9b013a54631b329d428a96694a8e82c1c67a5f924e29ade9ffc45e0
6624cfdb330a4273c33b550e5ae7440a7ef259e3c074b7b89bd27739bddfeb75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7764b312c07d567830ddc6306df6a36efbcb395781b9ab7e8c421e9a579856
6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa
7038f89b5a261a1e67bedb38ce7b0f87622dfe38b5eed91983e4e25992c167af
70d4a4de09fc33f3a7f12ab08eca8507d1af2d3a4f75164a502f86b3e5331959
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71
7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af
71cb0e6452376bbcd2d1b8c20cf508995e44d8fdd6ea5394604f4ccb4bc169ca
732e093b7af9eb20bbae0d854548911684db64a17d4b69f0e31b81a928adb359
739292727f596929d88ff012ea27ffae6d90411d788068303bb9dee554b62f3f
76be95cf10e2dc894e3960e5a50d616b9fd9b3a874fc0cfba65d43c3b94e83dd
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
7aff58f15e92dee4a98d2250738afefebc6c80c0506538e7c8283e20e4d31e0d
7c4388144313c54e5663e0b67d081b450dd51031a5cca8a2fbf11a1df0380663
7cd06ebcc99017e3dac76cf98fb6bb6e987be09d24173d6dd9859852e88f82b7
7d04c37b9569eb7e62bdfadfe28244411b048e8ef741949c7fd3f791d4e18d6c
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c9d386bf70881a66e6f8a6fdc414b4810f5c9d646d2bdf14a5b99b12eb5a02
8292e076c85520d9770a2739a10f142c0471931cf0107d528626fa9bc998a0d4
84c7080181f3fb52215b918a242e8234f22cb2591c8bc1c4be5d8324e18f5d7a
84e5902420c80249fae4e0c136ae1c78b9f977210e528d676a0cbd1f276a12e3
855735a62345bd8181c61f5cf427dd5ef9568b9d0d909d9168f2af835dd28e35
85e5961b6381291ee3f9e2928bd5c50e7db3636dcd3812ab6170cd0e06747f9d
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a68f733a4c556d63f4075e483fa51939f0a6de4675336226c1a15077ee92c71
8c3d3c6c0c12b0ebe7d355c3d337e9b5f2115bbfeb99fce7804e391a006cde54
8db9a9301d5b212cfe7c0dd69589439c475aa7438169577ad0c5b9b9608e76f9
8f139114bc9d6f02bac4f8db7962ebf7249d70cd72f7bc5516cc4bc3a0531c2f
906917064249257d133929d88cd256cc0f0a85bfebea2ffe13ee28e749dc2230
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92b19b5113efbbaf8335fe55e8aff7d74a625a2964ff63f55593100e30bd3a0b
92f1c3973f0fdeed0f764028a1415b11372c3ce61d8c08bdcebde53d66f93cff
96377c5f6377c332cd969538a480e6cfa8cd748caa70c75d7dc36f3c8950f658
96e389bc7e931917946bab3b7f6cb92a9949b7c13386c458f032b53602b0b69a
9755be0c168d11892adcf65aaa09cd3c671a262d4512e393bf542730a6a38aa8
9a2233250a9a47936cc5c622b851955f886c645648fdee92e0671e67a537c9fe
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4779503132bf2f6ec2a7cd844de7cb3960c30cb18e13f05ee8e98f4f7b77ccd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d86ddc85d9d24bc961831e13ee1287927ca22844500a5fa75c1b5752620a25
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84d93033cfb20c017fcdb465504883f68f8cddef078b205b04b0cd73f0d8405
a96f14050e7aa247f75fa61e33a4920fd79744cb39929750a1ac7c9eff0c0e98
a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5
abd803fbe6320482e70ba6d23402ea69ac6acb7290bbe8256aeacde85dde5e66
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b71751f270ad0ccc4a3df02628f8f0bda77a1593499f8729baebe24d1452cc73
b884d92a693c2e1689e630dad72d23cb3775d4d9abc1c591f0a9439fa4b0d24f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bec3c4da19909fbb537422ac0d5fec59a01c38d3e64fd533e11be7289b531501
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c0f68a9595fd8ff81f5a765be4da5aa5ce13cbbb8d5f40e25a270bd86978c35b
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3bfdabdfd7ebc9372af709a28ca948d7afad8786ff7b0406bae97a15d3e7223
c3cd7998667673ac989c75a0c062513c34b091a0d3bd8b53b9770ae15f6875f1
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6f6d25594bb36ece49a086f833453906f388a3aec9a2e8568ba183807fc390b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0666c9ee95a2648d90b2316cc385c7888d89a30197c2c7f22535c76aa5e957
ca27a95318a6407c7e8bc20127db44112255ec1f91f5d65de1c0996d1444684f
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
cba8aff0bf27b5dc871491d25c33f79bcda532bb7973653d06e8964ba1d93593
cbc45e3be2565f4385e89a79915818b5e275acc444ae89fa3acbc9c53e77990f
ccef8870777e9e4b23cd586009492125f5ee592852fbb95ce9f7c511575cfdde
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
d12b1b045cd56b5331058e7206493681cf4e4ba0cdfc8a9414f7b0f9cd8fe7ce
d24863d9723a995f476ca0a71f78c46d54da68c77a3b8eaf952eefbb4036125f
d297edda9cc0ac8d1ea9ae162e30430673ac07b4d8a536051b27ab2d96037c27
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4229c13df78b26b4f3bc63f75538c7de6781496432695f852823fc4c00f32ee
d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627
d631a865c8fe63f8afac3a28d2a09f5df7e1b4760253f570360320dca74327c5
d6c04d0fe419546111d53047abf36448f1b9a917f1064ccd3dfd298321c998e6
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d84628fdcbd80df1ec891a2d39af7837c748eaa2d7369fedd3e39cb902b04573
db0044f180f21209bbf7f729894af77ab70acef154028b16cb1972a388bdfb93
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
ded6a344cab6b04f35d5974166b765ea329aa309368373d916658c000e2e1cef
df2de19eced8fe9f51e08c55c34b8abc0d9fb62689c1305bbf97e2571d61d80b
e12d0fdc74504385b158eb92f60fbca2c83c596464e3196182baad52158c18aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60a141d86e1f1d9f5be1cdbfdfb2eec104bbc8b4596ca9ca884308986f112da
e68b554129be821a197ac1f5756b98ffe307e2cd0e497fec1f4bca74cd97e5ae
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e8594789a17e9bf0e37bcef8d25f4ac8f78d92ee5c2c630e1e22147f2eba83d9
e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e921680b363787cc6f8a38f1e9c47c7c61962501539df2b374fb3d356086d880
eb6c4e6e6a7eefc0f3474ff67bb49b350d80eb652572d5315c6efb6fca99211b
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0136aad6c7311d404432d6a0ade2412a0c3ec17d37a0495ec5d811e2681e297
f0fe95e0d6ee31ba1808af274c8ce037baf1332129b7e616e79197fe0d3a899b
f437983f1cae20e921d0affac3a73d80d1ea8b92578f38144e06f50d42eb13d6
f5ac554b9752de5e06673b4735e078105d1a79eeddc04d1ec7ed66352d9ad9c5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74f09e9fd96d0445dcd5c4ebf50055bd5d782f5ad346174a7d4f389adca17c6
f75e3c0f85562bcec2a5365aac78c458e8b1e6a4ec5803f4761d38fc9f901bcc
f7cf5be6c1bc7fa991a24dd34dcbe8ea2fd1e6beffd703750ec728a58da32e99
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
fb6b06bb210b7da274a733722c2138fd72c508ab16837c0806c04fd576b40ed3
fc5b5131523cba943cce9651db751d032f38b9fc629cd3e5044dae0d9d5c5de5
fe4f915ffcb03078459bc08bceb07b6a3158278caa6f4a86c1a01aa229e05e7a
ff11a2ed40708f52065714c89793bb5fce23cb3d742922711f04379726122b78

mariopartylegacy.com Open in urlscan Pro 104.152.168.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

94 %HTTPS

37 %IPv6

47 Domains

66 Subdomains

53 IPs

7 Countries

4975 kBTransfer

8440 kBSize

65 Cookies

5 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mariopartylegacy.com Open in urlscan Pro
104.152.168.8 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

94 %
HTTPS

37 %
IPv6

47
Domains

66
Subdomains

53
IPs

7
Countries

4975 kB
Transfer

8440 kB
Size

65
Cookies

250 HTTP transactions
13 data transactions