Submitted URL: http://mariopartylegacy.com/
Effective URL: https://mariopartylegacy.com/
Submission: On August 08 via manual from AE — Scanned from CA

Summary

This website contacted 40 IPs in 4 countries across 30 domains to perform 173 HTTP transactions. The main IP is 104.152.168.8, located in Canada and belongs to CROCWEB, CA. The main domain is mariopartylegacy.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.
This is the only time mariopartylegacy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 49 104.152.168.8 63068 (CROCWEB)
1 108.178.23.114 32475 (SINGLEHOP...)
1 2607:f8b0:400... 15169 (GOOGLE)
24 138.199.40.58 60068 (CDN77 ^_^)
8 2606:2800:220... 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
3 104.244.42.8 13414 (TWITTER)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:2800:220... 15133 (EDGECAST)
7 142.250.80.2 15169 (GOOGLE)
1 99.84.126.97 16509 (AMAZON-02)
2 68.67.160.24 29990 (ASN-APPNEX)
7 2606:2800:21f... 15133 (EDGECAST)
26 2a04:4e42:77:... 54113 (FASTLY)
1 2600:9000:216... 16509 (AMAZON-02)
2 2606:2800:21f... 15133 (EDGECAST)
2 34.95.69.49 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.209.198.18 15169 (GOOGLE)
1 104.18.18.126 13335 (CLOUDFLAR...)
2 2602:803:c002... 26667 (RUBICONPR...)
1 34.98.64.218 15169 (GOOGLE)
1 23.92.190.68 10913 (INTERNAP-BLK)
1 74.119.119.129 19750 (AS-CRITEO)
2 44.193.101.182 14618 (AMAZON-AES)
1 145.40.89.200 54825 (PACKET)
1 195.244.31.10 63140 (IGUANA-WO...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.80.70 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 52.18.101.137 16509 (AMAZON-02)
1 3.220.57.224 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:216... 16509 (AMAZON-02)
2 52.87.130.38 14618 (AMAZON-AES)
173 40
Apex Domain
Subdomains
Transfer
49 mariopartylegacy.com
mariopartylegacy.com
3 MB
36 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1333
abs.twimg.com — Cisco Umbrella Rank: 1721
pbs.twimg.com — Cisco Umbrella Rank: 650
ton.twimg.com — Cisco Umbrella Rank: 5911
546 KB
21 prvk.io
cdn.prvk.io — Cisco Umbrella Rank: 295744
388 KB
11 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 674
syndication.twitter.com — Cisco Umbrella Rank: 864
232 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
ad.doubleclick.net — Cisco Umbrella Rank: 214
256 KB
6 venatusmedia.com
pbs.venatusmedia.com — Cisco Umbrella Rank: 38667
ctrack.venatusmedia.com — Cisco Umbrella Rank: 409711
64 KB
4 airbrake.io
notifier-configs.airbrake.io — Cisco Umbrella Rank: 9209
api.airbrake.io — Cisco Umbrella Rank: 40945
1 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
26 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
671 B
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 22977
302 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1825
1 KB
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
2 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2580
24 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1370
15 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
716 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
15 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2743
245 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
43 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4534
638 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1237
801 B
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 732
318 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
525 B
1 openx.net
venatusmedia-d.openx.net — Cisco Umbrella Rank: 34328
590 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 560
640 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
41 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1366
35 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 28126
742 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
41 KB
1 xjs.lol
free.xjs.lol — Cisco Umbrella Rank: 288253
2 KB
173 30
Domain Requested by
49 mariopartylegacy.com 1 redirects mariopartylegacy.com
26 pbs.twimg.com
21 cdn.prvk.io d1oykxszdrgjgl.cloudfront.net
cdn.prvk.io
8 platform.twitter.com mariopartylegacy.com
platform.twitter.com
7 abs.twimg.com
7 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
d1oykxszdrgjgl.cloudfront.net
4 ctrack.venatusmedia.com d1oykxszdrgjgl.cloudfront.net
ctrack.venatusmedia.com
3 syndication.twitter.com platform.twitter.com
3 hb.vntsm.com mariopartylegacy.com
hb.vntsm.com
2 api.airbrake.io cdn.jsdelivr.net
2 notifier-configs.airbrake.io cdn.jsdelivr.net
2 ad.doubleclick.net 1 redirects mariopartylegacy.com
2 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
2 ice.360yield.com hb.vntsm.com
2 fastlane.rubiconproject.com hb.vntsm.com
2 pbs.venatusmedia.com hb.vntsm.com
2 script.4dex.io hb.vntsm.com
script.4dex.io
2 adservice.google.com d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg d1oykxszdrgjgl.cloudfront.net
2 ton.twimg.com platform.twitter.com
2 ib.adnxs.com hb.vntsm.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 cdn.jsdelivr.net d1oykxszdrgjgl.cloudfront.net
1 api.ipify.org cdn.prvk.io
1 www.googletagservices.com d1oykxszdrgjgl.cloudfront.net
1 googleads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net
1 www.google.com d1oykxszdrgjgl.cloudfront.net
1 hb-api.omnitagjs.com hb.vntsm.com
1 prebid.a-mo.net hb.vntsm.com
1 bidder.criteo.com hb.vntsm.com
1 ap.lijit.com hb.vntsm.com
1 venatusmedia-d.openx.net hb.vntsm.com
1 htlb.casalemedia.com hb.vntsm.com
1 e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 cdn.syndication.twimg.com platform.twitter.com
1 hb.vntsm.io hb.vntsm.com
1 www.googletagmanager.com mariopartylegacy.com
1 free.xjs.lol mariopartylegacy.com
173 41

This site contains no links.

Subject Issuer Validity Valid
mariopartylegacy.com
R3
2022-07-11 -
2022-10-09
3 months crt.sh
free.xjs.lol
R3
2022-07-28 -
2022-10-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-14 -
2023-04-08
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-07 -
2022-10-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
i.clean.gg
GTS CA 1D4
2022-08-07 -
2022-11-05
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.venatusmedia.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-14 -
2023-04-12
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.360yield.com
Amazon
2021-09-15 -
2022-10-14
a year crt.sh
*.a-mo.net
R3
2022-06-18 -
2022-09-16
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.prvk.io
Sectigo RSA Domain Validation Secure Server CA
2021-09-22 -
2022-09-24
a year crt.sh
ctrack.venatusmedia.com
R3
2022-07-29 -
2022-10-27
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2022-02-07 -
2023-03-10
a year crt.sh
*.airbrake.io
SSL.com RSA SSL subCA
2021-11-18 -
2022-11-18
a year crt.sh

This page contains 9 frames:

Primary Page: https://mariopartylegacy.com/
Frame ID: 46480B346A053ED5B9A3C3A73B22A353
Requests: 108 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: BD8DF8F5796C8F5C5705BDBE73DEF9F0
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com
Frame ID: 3847B88A36CF9A810060566189B5D16C
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Frame ID: 9B029ED95CC6E1BAB8E98A1DC901BB93
Requests: 2 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f914.png
Frame ID: B8EB9CD6258EC630BA64887DB5BB9328
Requests: 41 HTTP requests in this frame

Frame: https://e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 549B0C7936F1BD91C7C51F1D332EBE40
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fpbs.venatusmedia.com%252Fsetuid%253Fbidder%253Demx_digital%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Db%2526uid%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ%2FYmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
Frame ID: 2BC6F14A0B307B3F2C474D330BC49A84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C7F81688BE53A45550D2A7F03CD0FD0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1DBA40D14508017F606A35072A26035
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://mariopartylegacy.com/ HTTP 301
    https://mariopartylegacy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

173
Requests

98 %
HTTPS

49 %
IPv6

30
Domains

41
Subdomains

40
IPs

4
Countries

4851 kB
Transfer

7833 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mariopartylegacy.com/ HTTP 301
    https://mariopartylegacy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ/YmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fpbs.venatusmedia.com%252Fsetuid%253Fbidder%253Demx_digital%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Db%2526uid%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ%2FYmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
Request Chain 145
  • https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=1;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_pre=CK792ZGNt_kCFUoNaAgdKkkO8g;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=1;tfua=;gdpr=;gdpr_consent=;ltd=

173 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mariopartylegacy.com/
Redirect Chain
  • http://mariopartylegacy.com/
  • https://mariopartylegacy.com/
86 KB
15 KB
Document
General
Full URL
https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
1a9088db892980834b1b6366f22a2a7e163f02ed3621b962006d4496be37168d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 11:07:25 GMT
link
<https://mariopartylegacy.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
x-ua-compatible
IE=edge

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Mon, 08 Aug 2022 11:07:24 GMT
location
https://mariopartylegacy.com/
server
LiteSpeed
pub.min.js
free.xjs.lol/js/
3 KB
2 KB
Script
General
Full URL
https://free.xjs.lol/js/pub.min.js
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 12:11:29 GMT
server
nginx
etag
"614b1d71-60b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubdomains;
content-length
1547
expires
Tue, 09 Aug 2022 11:07:25 GMT
style.min.css
mariopartylegacy.com/wp-includes/css/dist/block-library/
87 KB
11 KB
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 13 Jul 2022 00:04:29 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10946
expires
Mon, 15 Aug 2022 11:07:25 GMT
unsemantic-grid.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/unsemantic-grid.min.css?ver=3.1.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1655
expires
Mon, 15 Aug 2022 11:07:25 GMT
style.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/style.min.css?ver=3.1.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4860
expires
Mon, 15 Aug 2022 11:07:25 GMT
mobile.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/
4 KB
1005 B
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/mobile.min.css?ver=3.1.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
972
expires
Mon, 15 Aug 2022 11:07:25 GMT
font-icons.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/
3 KB
713 B
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
680
expires
Mon, 15 Aug 2022 11:07:25 GMT
font-awesome.min.css
mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/
30 KB
6 KB
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-awesome.min.css?ver=4.7
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6556
expires
Mon, 15 Aug 2022 11:07:25 GMT
featured-images.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/blog/functions/css/
3 KB
487 B
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=1.12.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 18:17:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
431
expires
Mon, 15 Aug 2022 11:07:25 GMT
offside.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=1.12.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 18:17:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1392
expires
Mon, 15 Aug 2022 11:07:25 GMT
icons.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/general/icons/
273 B
172 B
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/gp-premium/general/icons/icons.min.css?ver=1.12.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
a84d93033cfb20c017fcdb465504883f68f8cddef078b205b04b0cd73f0d8405

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 18:17:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
140
expires
Mon, 15 Aug 2022 11:07:25 GMT
navigation-branding.min.css
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/
3 KB
616 B
Stylesheet
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=1.12.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 18:17:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
583
expires
Mon, 15 Aug 2022 11:07:25 GMT
jquery.min.js
mariopartylegacy.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://mariopartylegacy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Tue, 27 Jul 2021 21:47:29 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30273
expires
Mon, 15 Aug 2022 11:07:25 GMT
jquery-migrate.min.js
mariopartylegacy.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://mariopartylegacy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 09 Dec 2020 23:16:15 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3995
expires
Mon, 15 Aug 2022 11:07:25 GMT
js
www.googletagmanager.com/gtag/
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84394370-1
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64915189cf6e3e34eb8e680a124a2aea66409d7cc088f1f874c19bb728630207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41873
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 11:07:25 GMT
wp-emoji-release.min.js
mariopartylegacy.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://mariopartylegacy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 00:38:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4619
expires
Mon, 15 Aug 2022 11:07:25 GMT
cropped-mariopartylegacylogo.png
mariopartylegacy.com/wp-content/uploads/2019/12/
90 KB
90 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2019/12/cropped-mariopartylegacylogo.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
d297edda9cc0ac8d1ea9ae162e30430673ac07b4d8a536051b27ab2d96037c27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sat, 21 Dec 2019 10:16:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
92081
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartylegacythin.png
mariopartylegacy.com/wp-content/uploads/2021/02/
26 KB
26 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2021/02/mariopartylegacythin.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
c6f6d25594bb36ece49a086f833453906f388a3aec9a2e8568ba183807fc390b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sat, 06 Feb 2021 19:44:13 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26624
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty1.png
mariopartylegacy.com/wp-content/themes/icons/
20 KB
20 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty1.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
84e5902420c80249fae4e0c136ae1c78b9f977210e528d676a0cbd1f276a12e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:34 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20578
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty2.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty2.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
6624cfdb330a4273c33b550e5ae7440a7ef259e3c074b7b89bd27739bddfeb75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:34 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5103
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty3.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty3.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
4016e5c000f30547fe4c066aa2afad9f2ca5db3d6717b4d0990fecfd1a301507

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5269
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty4.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty4.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
095ce7913e543fa079a0e91c892304486f466f5d3c8ea49d50501a1d08ddd72d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5255
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty5.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty5.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
c0f68a9595fd8ff81f5a765be4da5aa5ce13cbbb8d5f40e25a270bd86978c35b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5288
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty6.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty6.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
61c34b945902ab85a4d8134bcbef2309558cef9b344777023e3acfac754ad430

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5177
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty7.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty7.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
5e939f7f2ddb20f90b0d03ff858ab310c3573e20abf16dd1f62609d0c06f9789

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5482
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty8.png
mariopartylegacy.com/wp-content/themes/icons/
5 KB
5 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty8.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
9755be0c168d11892adcf65aaa09cd3c671a262d4512e393bf542730a6a38aa8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5105
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty9.png
mariopartylegacy.com/wp-content/themes/icons/
2 KB
2 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty9.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
0edaf21554e0889aed8de9ec9e662e8247f3fad31fd795914a8822681bea1913

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2361
expires
Mon, 15 Aug 2022 11:07:25 GMT
marioparty10.png
mariopartylegacy.com/wp-content/themes/icons/
21 KB
21 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/marioparty10.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
b884d92a693c2e1689e630dad72d23cb3775d4d9abc1c591f0a9439fa4b0d24f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21608
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartyadvance.png
mariopartylegacy.com/wp-content/themes/icons/
7 KB
7 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartyadvance.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
92f1c3973f0fdeed0f764028a1415b11372c3ce61d8c08bdcebde53d66f93cff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6662
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartyds.png
mariopartylegacy.com/wp-content/themes/icons/
7 KB
7 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartyds.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
ded6a344cab6b04f35d5974166b765ea329aa309368373d916658c000e2e1cef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6948
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartyislandtour.png
mariopartylegacy.com/wp-content/themes/icons/
6 KB
6 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartyislandtour.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
f74f09e9fd96d0445dcd5c4ebf50055bd5d782f5ad346174a7d4f389adca17c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6192
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartystarrush.png
mariopartylegacy.com/wp-content/themes/icons/
23 KB
23 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartystarrush.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
04e335d4d6e4403b6be6ab4c8b75b2a59c060e00f8b36a2e8626b4de3ff3da3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23064
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartytop.png
mariopartylegacy.com/wp-content/themes/icons/
62 KB
62 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartytop.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
fe4f915ffcb03078459bc08bceb07b6a3158278caa6f4a86c1a01aa229e05e7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:38 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
63245
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartysuper.png
mariopartylegacy.com/wp-content/themes/icons/
7 KB
7 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartysuper.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
4cb32ec64c172379f3b33674d6ad45d1c5bb38601e17b9ee43597ba17a5c5350

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 26 May 2020 18:18:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7636
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariopartysuperstars.png
mariopartylegacy.com/wp-content/themes/icons/
6 KB
7 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/themes/icons/mariopartysuperstars.png
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
5b32009d78e3905b5795e394e00cb3fb5afbb912622323c581bbb856dfb560d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 15 Jun 2021 18:03:15 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6616
expires
Mon, 15 Aug 2022 11:07:25 GMT
mario-kart-8-deluxe-booster-dlc-wave-2-thumbnail.jpg
mariopartylegacy.com/wp-content/uploads/2022/07/
764 KB
764 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/07/mario-kart-8-deluxe-booster-dlc-wave-2-thumbnail.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
8a68f733a4c556d63f4075e483fa51939f0a6de4675336226c1a15077ee92c71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Thu, 28 Jul 2022 16:13:57 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
782319
expires
Mon, 15 Aug 2022 11:07:25 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ Frame BD8D
990 KB
297 KB
Script
General
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
ab0776532b7dcde5b81aa4ee4f1ec961705f0b3a336f85827c2fb5f6342aa3c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
cdn-edgestorageid
885
access-control-allow-origin
*
cdn-cachedat
08/01/2022 08:25:08
cdn-pullzone
131999
cdn-requestpullsuccess
True
server
BunnyCDN-NY-885
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Wed, 27 Jul 2022 12:42:42 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"0520b7da1cb24664e166dc4f0cda5bab"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
245ea4bd154c03c142fdf6c6b03552a4
cdn-requestcountrycode
CA
cdn-status
200
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
headerback9.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/
13 KB
13 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback9.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
732e093b7af9eb20bbae0d854548911684db64a17d4b69f0e31b81a928adb359

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sat, 21 Dec 2019 10:38:59 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12975
expires
Mon, 15 Aug 2022 11:07:25 GMT
headerback.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/
109 KB
109 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
7cd06ebcc99017e3dac76cf98fb6bb6e987be09d24173d6dd9859852e88f82b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sat, 21 Dec 2019 09:32:40 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
111579
expires
Mon, 15 Aug 2022 11:07:25 GMT
headerback6.jpg
mariopartylegacy.com/wp-content/uploads/2019/12/
106 KB
106 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2019/12/headerback6.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
76be95cf10e2dc894e3960e5a50d616b9fd9b3a874fc0cfba65d43c3b94e83dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sat, 21 Dec 2019 10:39:27 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
108385
expires
Mon, 15 Aug 2022 11:07:25 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D07) /
Resource Hash
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:25 GMT
Content-Encoding
gzip
Age
1113
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29203
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 21:01:21 GMT
Server
ECS (nyb/1D07)
Etag
"2db8c3ce16d9541818f0d180a9ea89b1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
generatepress.woff2
mariopartylegacy.com/wp-content/themes/generatepress/assets/fonts/
1 KB
1 KB
Font
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.1.3
Origin
https://mariopartylegacy.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1264
expires
Mon, 15 Aug 2022 11:07:25 GMT
mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide-2.jpg
mariopartylegacy.com/wp-content/uploads/2022/07/
266 KB
266 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/07/mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide-2.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
92b19b5113efbbaf8335fe55e8aff7d74a625a2964ff63f55593100e30bd3a0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Wed, 20 Jul 2022 03:36:44 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
271897
expires
Mon, 15 Aug 2022 11:07:25 GMT
mario-kart-64-unlockables-guide-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/05/
204 KB
204 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/05/mario-kart-64-unlockables-guide-slide.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
906917064249257d133929d88cd256cc0f0a85bfebea2ffe13ee28e749dc2230

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Sun, 29 May 2022 10:01:19 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
208881
expires
Mon, 15 Aug 2022 11:07:25 GMT
mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/05/
285 KB
285 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/05/mario-strikers-battle-league-guide-walkthrough-cheats-secrets-slide.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
5f0d0dc37da096042a77e53ce42fdcc6152a6e606f453ab038cedd7dc088ddb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 24 May 2022 21:38:16 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
292012
expires
Mon, 15 Aug 2022 11:07:25 GMT
mario-golf-64-guide-walkthrough-cheats-secrets-slide.jpg
mariopartylegacy.com/wp-content/uploads/2022/04/
196 KB
196 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/04/mario-golf-64-guide-walkthrough-cheats-secrets-slide.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
63440413f9b013a54631b329d428a96694a8e82c1c67a5f924e29ade9ffc45e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Mon, 11 Apr 2022 21:38:55 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
200759
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariokartboosterslide.jpg
mariopartylegacy.com/wp-content/uploads/2022/02/
244 KB
244 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/02/mariokartboosterslide.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
d84628fdcbd80df1ec891a2d39af7837c748eaa2d7369fedd3e39cb902b04573

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 22 Feb 2022 20:35:25 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
249840
expires
Mon, 15 Aug 2022 11:07:25 GMT
mariostrikersslide.jpg
mariopartylegacy.com/wp-content/uploads/2022/02/
217 KB
218 KB
Image
General
Full URL
https://mariopartylegacy.com/wp-content/uploads/2022/02/mariostrikersslide.jpg
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
0812fe1eca87b53058cf954b36e8b6c12fb15da281f92386acf6f0d800a2acbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Tue, 22 Feb 2022 20:32:30 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
222671
expires
Mon, 15 Aug 2022 11:07:25 GMT
offside.min.js
mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/js/
6 KB
2 KB
Script
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=1.12.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 18:17:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1919
expires
Mon, 15 Aug 2022 11:07:25 GMT
jquery.cookie.min.js
mariopartylegacy.com/wp-content/plugins/wplegalpages/admin/js/
1 KB
666 B
Script
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/wplegalpages/admin/js/jquery.cookie.min.js?ver=2.9.0
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Tue, 26 Jul 2022 21:52:37 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
622
expires
Mon, 15 Aug 2022 11:07:25 GMT
menu.min.js
mariopartylegacy.com/wp-content/themes/generatepress/assets/js/
7 KB
1 KB
Script
General
Full URL
https://mariopartylegacy.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 06:37:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1509
expires
Mon, 15 Aug 2022 11:07:25 GMT
wprt-script.js
mariopartylegacy.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/
173 B
216 B
Script
General
Full URL
https://mariopartylegacy.com/wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.152.168.8 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS
server08.hostwhitelabel.com
Software
LiteSpeed /
Resource Hash
6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
last-modified
Thu, 06 May 2021 20:41:08 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
173
expires
Mon, 15 Aug 2022 11:07:25 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84394370-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
304
date
Mon, 08 Aug 2022 11:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 13:02:21 GMT
widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html
platform.twitter.com/widgets/ Frame 3847
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2B) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://mariopartylegacy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
395663
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Aug 2022 11:07:25 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Wed, 03 Aug 2022 20:59:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D2B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 3847
514 B
521 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=1985c92fcacf7ef317ea6222ecbefb0492caba56
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fmariopartylegacy.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
bffc52e4169b20304573746cfa49a47bc01cd3f4411a331a1a389260a26747a3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
6
date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 11:07:25 GMT
server
tsa_b
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
29b32544bc7809ad90b5c1e1801966e3ddca8827849c5dd7eee123c34b51944e
content-length
242
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003746559&t=pageview&_s=1&dl=https%3A%2F%2Fmariopartylegacy.com%2F&ul=en-us&de=UTF-8&dt=Mario%20Party%20Legacy%20-%20The%20ultimate%20Mario%20Party%20resource&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=303138749&gjid=1659247886&cid=1276586406.1659956846&tid=UA-84394370-1&_gid=995756416.1659956846&_r=1&gtm=2ou830&z=527675308
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
58e3a82446e0fb000143f01b.enc
hb.vntsm.com/v2/live/ Frame
0
0
Preflight
General
Full URL
https://hb.vntsm.com/v2/live/58e3a82446e0fb000143f01b.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://mariopartylegacy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
CA
cdn-requestid
464145a41d9e3e5700e2050651422685
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Mon, 08 Aug 2022 11:07:26 GMT
server
BunnyCDN-NY-885
x-bl
0
content.html
hb.vntsm.io/ Frame BD8D
32 B
742 B
Fetch
General
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
cf-cache-status
HIT
age
5558
cf-ray
7377c9cfbe7fca57-YUL
content-length
32
x-amz-id-2
GWAvMt1vcvmiTsEPs+iuMWDZfpCt9jectSfFoZl7U8tWnDolemYhRuVgMMq6IxjYwxQFa9TjfbI=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
MAEZCD8BB59Z2EJ8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
content-type
text/html
58e3a82446e0fb000143f01b.enc
hb.vntsm.com/v2/live/ Frame BD8D
29 KB
5 KB
XHR
General
Full URL
https://hb.vntsm.com/v2/live/58e3a82446e0fb000143f01b.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
2452de2f3b68eef684752159df8690ef90dfe2be0bacb957abcd6a9e0562e9e7

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
ref_url
aHR0cHM6Ly9tYXJpb3BhcnR5bGVnYWN5LmNvbS8=

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
br
cdn-edgestorageid
885
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cdn-cachedat
08/03/2022 14:16:06
cdn-pullzone
131999
server
BunnyCDN-NY-885
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Wed, 03 Aug 2022 14:11:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"996f783cdf6f9ae635ce097410532986"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
ebc5f3124ff9655880ee11795bc755c5
access-control-allow-credentials
true
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
button.fed83577e235944f1c02f314fdfd94dd.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D07) /
Resource Hash
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Content-Encoding
gzip
Age
395664
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2359
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 20:59:06 GMT
Server
ECS (nyb/1D07)
Etag
"c1233079fb145bc77c712143fa5dcd65+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js
platform.twitter.com/js/
25 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D23) /
Resource Hash
5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Content-Encoding
gzip
Age
395664
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
8086
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 20:59:06 GMT
Server
ECS (nyb/1D23)
Etag
"de123dc04bbf19def7476a4c0045075f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.55e8262747461cf415fb59f1ac3ec11e.js
platform.twitter.com/js/
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.55e8262747461cf415fb59f1ac3ec11e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D04) /
Resource Hash
7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Content-Encoding
gzip
Age
395660
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
6582
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 20:59:06 GMT
Server
ECS (nyb/1D04)
Etag
"f99606e4608647fe92f8f2be88fe578f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
platform.twitter.com/widgets/ Frame 9B02
40 KB
15 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.2b1befbea3a1424bb94efd70105dfa52.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D07) /
Resource Hash
e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46

Request headers

Referer
https://mariopartylegacy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
395661
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
15049
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Aug 2022 11:07:26 GMT
Etag
"4226f50dc1d4b20c6bd89627506eabf4+gzip"
Last-Modified
Wed, 03 Aug 2022 20:59:07 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D07)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
380 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22MPLNetwork%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1659956846036%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1985c92fcacf7ef317ea6222ecbefb0492caba56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
12
pragma
no-cache
last-modified
Mon, 08 Aug 2022 11:07:26 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
29b32544bc7809ad90b5c1e1801966e3ddca8827849c5dd7eee123c34b51944e
x-transaction
2bc9017abd538213
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/ Frame 9B02
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
profile
cdn.syndication.twimg.com/timeline/
136 KB
10 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_MPLNetwork_old&dnt=false&domain=mariopartylegacy.com&lang=en&screen_name=MPLNetwork&suppress_response_codes=true&t=1844396&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_b /
Resource Hash
a6e7afc11240946a02dfb818cac387effbd51da68303c31c278597f8610782d5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=121
content-length
9376
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
98
last-modified
Mon, 08 Aug 2022 11:07:26 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
47c03d4e3dc739421a8b7bec78d337ed5ba6c51ed5830fb3d4ed72ee3a7dd3dc
timing-allow-origin
*
x-transaction
dcfa3e9886806610
expires
Mon, 08 Aug 2022 11:12:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
84 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
32c1b5de7ddf2c18f100065db9719cf4a67879dee3f6b14e8c4041f826fa4e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28637
x-xss-protection
0
server
sffe
etag
"1297 / 636 of 1000 / last-modified: 1659954538"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Aug 2022 11:07:26 GMT
ats.js
ats.rlcdn.com/
109 KB
35 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-97.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 03:36:56 GMT
content-encoding
br
age
27031
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
EWR52-C3
content-type
application/x-javascript
x-amz-cf-id
kCtB7080zOsb_4jkI8v8hQxycYCtlM2aoMLasT4GLlx8Q10tCufvuA==
prebid
ib.adnxs.com/ut/v3/ Frame BD8D
57 B
0
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 11:07:26 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
595a5058-b015-43b4-93ff-91b81dd9f353
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mariopartylegacy.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
57
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1f914.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f914.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/476A) /
Resource Hash
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
185629
x-ton-expected-size
1028
x-cache
HIT
content-length
1028
x-response-time
9
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:34 GMT
server
ECAcc (nyb/476A)
etag
"X7St/AzVm+1oZjkmNZWNow=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
c1722585a39f598c36954fcc5a9bd12c48950b8a30667e752339696193623133
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f440.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f440.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4783) /
Resource Hash
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
5449943
x-ton-expected-size
1024
x-cache
HIT
content-length
1024
x-response-time
9
surrogate-key
twitter-assets
last-modified
Wed, 11 Apr 2018 17:49:51 GMT
server
ECAcc (nyb/4783)
etag
"Edk5xK45DjvtJuiq8MRwOQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9f0adaf40728c3a34c3f1dadb82e6cd1df788598d93a7a0cc25d410defb37df0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f335.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
556 B
724 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f335.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D6E) /
Resource Hash
855735a62345bd8181c61f5cf427dd5ef9568b9d0d909d9168f2af835dd28e35
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
3760923
x-ton-expected-size
556
x-cache
HIT
content-length
556
x-response-time
16
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:29 GMT
server
ECAcc (nyb/1D6E)
etag
"evC22Ovx3NbrqaCGZDKO4Q=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
4561179f6739846d4df544d160c2e25ff3b18a004dacefafb1980604134c9b8a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f3a7.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
774 B
939 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f3a7.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46D8) /
Resource Hash
96e389bc7e931917946bab3b7f6cb92a9949b7c13386c458f032b53602b0b69a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
5883897
x-ton-expected-size
774
x-cache
HIT
content-length
774
x-response-time
9
surrogate-key
twitter-assets
last-modified
Mon, 17 Sep 2018 19:12:44 GMT
server
ECAcc (nyb/46D8)
etag
"M8914t6j1Wz/j9CzYfwk2g=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
7585d7808f2b4e6a006d15ef0f07940e5bc38243f2f2e34281845421f506496b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f50a.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
655 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f50a.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4775) /
Resource Hash
55a389705b863e35578972d0a336c9cb65c962a5599314629159c47ba46ddcd0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
1242836
x-ton-expected-size
655
x-cache
HIT
content-length
655
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:25 GMT
server
ECAcc (nyb/4775)
etag
"9dkTSllwwiGg63GTJTGbew=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
21971c9c228be129309fa4dcf0e60423831a6d1fdbf77b38adc41938c2ac54c0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f3ce.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
886 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f3ce.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4758) /
Resource Hash
4087bec4d792d53309236b3da78efb45affedf853147c99bfbfe2bb785c7326b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
1781512
x-ton-expected-size
886
x-cache
HIT
content-length
886
x-response-time
20
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:33 GMT
server
ECAcc (nyb/4758)
etag
"2Mp0/XgYanybJ8u7tZEq/w=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
152fa83e25a8f42ee081daaf515f36aa7208fac4321a439ee7153d853dd2005b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
1f368.png
abs.twimg.com/emoji/v2/72x72/ Frame B8EB
912 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f368.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D54) /
Resource Hash
85e5961b6381291ee3f9e2928bd5c50e7db3636dcd3812ab6170cd0e06747f9d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
age
1007178
x-ton-expected-size
912
x-cache
HIT
content-length
912
x-response-time
12
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:30 GMT
server
ECAcc (nyb/1D54)
etag
"MfCqvrst9+yEEw3O9jCPCA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
ba17dc464f3494b37f69c4562e47c0148f55f7f8cf48d7ee2973fe835b88af7e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 08 Aug 2023 11:07:26 GMT
bbKE3wy5
pbs.twimg.com/card_img/1555225910609006592/ Frame B8EB
8 KB
9 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1555225910609006592/bbKE3wy5?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76067d937543acc269bf1a86fa218447c5654b493c42c8c3bdbde3ba9257b0e5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 16:13:26 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
8491
x-served-by
cache-fty21345-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame B8EB
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Content-Encoding
gzip
Age
395664
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 20:59:04 GMT
Server
ECS (nyb/1D1A)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1A) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Content-Encoding
gzip
Age
395664
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Wed, 03 Aug 2022 20:59:04 GMT
Server
ECS (nyb/1D1A)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
script.js
d1oykxszdrgjgl.cloudfront.net/
117 KB
41 KB
Script
General
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:ee00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bc3da5b33cd26b6981332db2370e598f7eeb751ecfb7c67b7504b2d37956a12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:00:05 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 10:16:11 GMT
server
AmazonS3
age
442
etag
W/"d339c772e2157f3a6cd59f143fafa35e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
uueP-j53xpuSLDl9mRrlkGmWdpkQjIbc5H032XLuOFax_QWvPTMJpw==
LPgLYQyP_normal.jpg
pbs.twimg.com/profile_images/1495969746138787840/ Frame B8EB
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1495969746138787840/LPgLYQyP_normal.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ec2fb171e1620562e36b696354c0aeb30f901ac6d5797a01b2301c8645de308
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 22 Feb 2022 03:50:35 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2339
x-served-by
cache-fty21330-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
Dec0EaQ-_normal.jpg
pbs.twimg.com/profile_images/1225089995918258176/ Frame B8EB
2 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1225089995918258176/Dec0EaQ-_normal.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65b732f979346682474a811814bfc94d23387f8294875196ad1311a3a9ccbff9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 05 Feb 2020 16:11:10 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2491
x-served-by
cache-fty21358-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZZAUDSVUAErRkY
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
20 KB
20 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZZAUDSVUAErRkY?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71cb0e6452376bbcd2d1b8c20cf508995e44d8fdd6ea5394604f4ccb4bc169ca
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Fri, 05 Aug 2022 10:28:16 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
20568
x-served-by
cache-fty21369-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZdY2IBUYAEDlAy
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
34 KB
34 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZdY2IBUYAEDlAy?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f437983f1cae20e921d0affac3a73d80d1ea8b92578f38144e06f50d42eb13d6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sat, 06 Aug 2022 06:53:56 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
34631
x-served-by
cache-fty21368-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZV_CzLUEAAalsl
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
21 KB
21 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZV_CzLUEAAalsl?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8594789a17e9bf0e37bcef8d25f4ac8f78d92ee5c2c630e1e22147f2eba83d9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 20:23:52 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
21781
x-served-by
cache-fty21357-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZTdg6qUEAECBYV
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZTdg6qUEAECBYV?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb6b06bb210b7da274a733722c2138fd72c508ab16837c0806c04fd576b40ed3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 08:38:08 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
22512
x-served-by
cache-fty21356-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FOD3W1hVgAAsz3p
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
16 KB
16 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FOD3W1hVgAAsz3p?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09c31a631cce7c0a5660a3c202a0bcb0f6e2a4e5aff9b533b68243839fad0d6e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 15:04:26 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
15985
x-served-by
cache-fty21354-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZKx5JqUYAAp-f-
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
17 KB
18 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZKx5JqUYAAp-f-?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7cf5be6c1bc7fa991a24dd34dcbe8ea2fd1e6beffd703750ec728a58da32e99
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 02 Aug 2022 16:10:35 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17805
x-served-by
cache-fty21355-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZI1kNTUUAETA6y
pbs.twimg.com/media/ Frame B8EB
33 KB
34 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZI1kNTUUAETA6y?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4229c13df78b26b4f3bc63f75538c7de6781496432695f852823fc4c00f32ee
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 02 Aug 2022 07:07:23 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
34207
x-served-by
cache-fty21350-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZGGIg6UYAA7V7a
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
9 KB
9 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZGGIg6UYAA7V7a?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f139114bc9d6f02bac4f8db7962ebf7249d70cd72f7bc5516cc4bc3a0531c2f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 18:20:54 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
9165
x-served-by
cache-fty21369-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
uSLbjgg5TnVruyb1
pbs.twimg.com/ext_tw_video_thumb/1554175414964068353/pu/img/ Frame B8EB
12 KB
12 KB
Image
General
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1554175414964068353/pu/img/uSLbjgg5TnVruyb1?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44f8bc68db1f9274972b51b3283af08ff15be71bb41d448eaa9b4f9cee9acee1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 18:39:08 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
12426
x-served-by
cache-fty13723-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
WVTp4M9F087pe_xN
pbs.twimg.com/ext_tw_video_thumb/1554174739781824512/pu/img/ Frame B8EB
17 KB
17 KB
Image
General
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1554174739781824512/pu/img/WVTp4M9F087pe_xN?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
627ee2509310793db792efd25325aa4ab2d6aee538cb0ab4f09e59713071c1d4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 18:36:27 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17278
x-served-by
cache-fty21336-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZBY0fzVQAA5IzY
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FZBY0fzVQAA5IzY?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739292727f596929d88ff012ea27ffae6d90411d788068303bb9dee554b62f3f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 31 Jul 2022 20:24:27 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4726
x-served-by
cache-fty21374-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FY_AqOuUsAAHl2C
pbs.twimg.com/tweet_video_thumb/ Frame B8EB
27 KB
28 KB
Image
General
Full URL
https://pbs.twimg.com/tweet_video_thumb/FY_AqOuUsAAHl2C?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c4388144313c54e5663e0b67d081b450dd51031a5cca8a2fbf11a1df0380663
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 31 Jul 2022 09:19:39 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
28082
x-served-by
cache-fty13723-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FY5yfQUUIAA4GBX
pbs.twimg.com/media/ Frame B8EB
31 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/FY5yfQUUIAA4GBX?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09591b6a34e140a991b7be68e2a5697ec2c3c8f39d761294aabda92e5e02d751
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sat, 30 Jul 2022 08:59:38 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
31782
x-served-by
cache-fty21374-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FY4WO_mXwAM4qq3
pbs.twimg.com/media/ Frame B8EB
74 KB
74 KB
Image
General
Full URL
https://pbs.twimg.com/media/FY4WO_mXwAM4qq3?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5241b1f3a130927822313805ebd45fd9903b860883f0a3318fa07ffe85b20c8b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sat, 30 Jul 2022 02:16:34 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
75733
x-served-by
cache-fty21348-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FY0YJ_tUsAAWhJz
pbs.twimg.com/media/ Frame B8EB
30 KB
30 KB
Image
General
Full URL
https://pbs.twimg.com/media/FY0YJ_tUsAAWhJz?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64bf0c3d233dc7565ee549c782aa77ba609dac74162ab8d300eaa40d2484db0c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Fri, 29 Jul 2022 07:46:29 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
31098
x-served-by
cache-fty13720-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZjN9zeVUAAoQ4B
pbs.twimg.com/media/ Frame B8EB
9 KB
9 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZjN9zeVUAAoQ4B?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1110ab9b45bb1a2db197f78779e4318e0354d5c60eae1662111ab71f449cdd7d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 07 Aug 2022 10:04:07 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
9173
x-served-by
cache-fty21372-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZjN22kUcAEikNm
pbs.twimg.com/media/ Frame B8EB
8 KB
8 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZjN22kUcAEikNm?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0136aad6c7311d404432d6a0ade2412a0c3ec17d37a0495ec5d811e2681e297
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 07 Aug 2022 10:03:39 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
8567
x-served-by
cache-fty21323-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZjN3nJUsAArscJ
pbs.twimg.com/media/ Frame B8EB
7 KB
8 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZjN3nJUsAArscJ?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52020354ae529af5b5b75613ac0f409ac978bdf73fdab032163ff58bbdc92bc9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Sun, 07 Aug 2022 10:03:42 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
7632
x-served-by
cache-fty21381-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZD51KdVEAAk8TI
pbs.twimg.com/media/ Frame B8EB
15 KB
15 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZD51KdVEAAk8TI?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b08db1943e625c7da2ec361aa24cb0e3d4bf4adaa0f715e8bde10732b11b360
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 08:07:55 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
14938
x-served-by
cache-fty21365-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZD5iU3VUAEJnke
pbs.twimg.com/media/ Frame B8EB
17 KB
17 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZD5iU3VUAEJnke?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d12b1b045cd56b5331058e7206493681cf4e4ba0cdfc8a9414f7b0f9cd8fe7ce
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 08:06:38 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
16992
x-served-by
cache-fty21353-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZD5i-3UIAAX7zb
pbs.twimg.com/media/ Frame B8EB
14 KB
14 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZD5i-3UIAAX7zb?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a96f14050e7aa247f75fa61e33a4920fd79744cb39929750a1ac7c9eff0c0e98
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 08:06:41 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
14189
x-served-by
cache-fty21329-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
FZD5ji3VEAEHHwX
pbs.twimg.com/media/ Frame B8EB
15 KB
15 KB
Image
General
Full URL
https://pbs.twimg.com/media/FZD5ji3VEAEHHwX?format=jpg&name=240x240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0801d8045c86660a7b29dcf4025273c8ad6dd45d89fd1ea13f608d074b13406f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 08:06:43 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
14948
x-served-by
cache-fty21381-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame B8EB
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46CB) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344328
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (nyb/46CB)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
9658cca549ec4251d0e2a096ca656dc99e11e77042edb8fc729937f07db80fe0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 15 Aug 2022 11:07:26 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/
44 KB
44 KB
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46CB) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344328
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (nyb/46CB)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
9658cca549ec4251d0e2a096ca656dc99e11e77042edb8fc729937f07db80fe0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 15 Aug 2022 11:07:26 GMT
truncated
/ Frame B8EB
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame B8EB
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame B8EB
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame B8EB
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame B8EB
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame B8EB
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pubads_impl_2022080201.js
securepubads.g.doubleclick.net/gpt/
380 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
f7a89d8edb260b58ede989d3b499765be906f60509dfce9ed08e9f9f4408036a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 10:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132754
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 03 Aug 2023 10:43:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
111 B
112 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mariopartylegacy.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
8292e076c85520d9770a2739a10f142c0471931cf0107d528626fa9bc998a0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Mon, 08 Aug 2022 11:07:26 GMT
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mariopartylegacy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 08 Aug 2022 11:07:26 GMT
server
nginx/1.21.6
via
1.1 google
bbKE3wy5
pbs.twimg.com/card_img/1555225910609006592/ Frame B8EB
8 KB
8 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1555225910609006592/bbKE3wy5?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76067d937543acc269bf1a86fa218447c5654b493c42c8c3bdbde3ba9257b0e5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 16:13:26 GMT
date
Mon, 08 Aug 2022 11:07:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
8491
x-served-by
cache-fty21345-FTY, cache-iad-kiad7000149-IAD, cache-tw-ZZZ1
jot
syndication.twitter.com/i/
43 B
123 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22MPLNetwork%22%2C%22widget_data_source%22%3A%22profile%3AMPLNetwork%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1659956846555%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=1985c92fcacf7ef317ea6222ecbefb0492caba56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
11
pragma
no-cache
last-modified
Mon, 08 Aug 2022 11:07:26 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
29b32544bc7809ad90b5c1e1801966e3ddca8827849c5dd7eee123c34b51944e
x-transaction
f92270e7a2a0040b
expires
Tue, 31 Mar 1981 05:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mariopartylegacy.com
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
29 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2593348460633786&correlator=1100738987086787&eid=31064690%2C31068590%2C31068741%2C31068784%2C31068366%2C42531606%2C42531607%2C31067825%2C31068520&output=ldjh&gdfp_req=1&vrg=2022080201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=1&adks=1634366647&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.11%26hb_adid%3D58e3a83746e0fb000143f024-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D77ccc1d5-v6.6.0_fr%26pg_ld_id%3D4a80c64446cc261b0bdc08c1b1e6010d%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D58e3a83746e0fb000143f024%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-03%252014%253A11%253A33%26ta_si%3D728x90%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26to_sp%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659956846619&lmt=1659956846&dlt=1659956845465&idt=1106&adxs=436&adys=306&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=4&ohw=1600&rtgs=1&max_w=970&max_h=250&min_w=728&min_h=90&ga_vid=1276586406.1659956846&ga_sid=1659956847&ga_hid=2003746559&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
ed5de26e000ce68355e8de722c4bbd66964bc12b021001521b1fa2b42ea27c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15126
x-xss-protection
0
google-lineitem-id
6059393025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397665556
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7f1221205371bc4a07c46ca87b14bf621ec2a0873641d4acdde22c39edadfe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10622
x-xss-protection
0
container.html
e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 549B
6 KB
4 KB
Document
General
Full URL
https://e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mariopartylegacy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 11:07:26 GMT
expires
Tue, 08 Aug 2023 11:07:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
localstore.js
script.4dex.io/ Frame BD8D
483 B
941 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2671654
x-amz-request-id
tx86f8e995592547ee95ab9-00629f4bc7
x-amz-id-2
tx86f8e995592547ee95ab9-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXTv1kuqzYMoG4WpNb0g1TklBSxKY2aZh3D2m4GVEKnVmKxkZsesdnpfvYxx5m6v8MRf6MA4Xqn67Exn4XwVu7vJtoTaoJ7pMz52mXeiCxeHMFwPZT%2FzDNs%2BJEPyDOQucfUmbwUJCGa3nyct"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
7377c9d3faa47138-YUL
cookie_sync
pbs.venatusmedia.com/ Frame BD8D
4 KB
922 B
XHR
General
Full URL
https://pbs.venatusmedia.com/cookie_sync
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.198.209.35.bc.googleusercontent.com
Software
/
Resource Hash
4c65483f42b44d20cec8adc80e9bffb52b8896c97e5a3225dafa17a80e15b372

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbs
nam
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
687
via
1.1 google
expires
0
auction
pbs.venatusmedia.com/openrtb2/ Frame BD8D
406 B
395 B
XHR
General
Full URL
https://pbs.venatusmedia.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.209.198.18 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.198.209.35.bc.googleusercontent.com
Software
/
Resource Hash
e77fe73d8650787c341220c14f16b4524b641fad87535ecbd450166dedb0f9a1

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbs
nam
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
via
1.1 google
expires
0
cygnus
htlb.casalemedia.com/ Frame BD8D
37 B
640 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=171567&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22146dcc6dcae5a5a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215a975afe12f7fb%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x100%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2216397e2ffb8f1f4%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171567%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2271f95189-5c9a-4b83-80fc-e65c53ed3529%22%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8fc5822554bde5b9a50bacee52f9e403200488ca0a995624e208a04267ee0c

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1b4jjI96vEBk7RStco2ibPND1IGw1vUrHt2NVDvwQ7rYKTi4Z7Hcb5NZZNkjWMeHgZbh0fHgD%2F1szhgeibwupTcRRGZSqdjf21kOEcQQFdeHd210Op%2BVeuWigUUCyi%2FvB0B5kVh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7377c9d44e24a216-YYZ
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BD8D
310 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=19&alt_size_ids=43%2C44%2C117&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=71f95189-5c9a-4b83-80fc-e65c53ed3529%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=8094f68f-2f25-41d1-bb5b-b0f8698e42ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23705942048486084
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d27d1d5cebe4f2f1f96e3ac4bc7e70c9304eb9064b0683524d4b182411e092d9

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 11:07:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mariopartylegacy.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
310
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BD8D
283 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160038&zone_id=767292&size_id=15&rp_schain=1.0,1!venatus.com,58e3a82446e0fb000143f01b,1,,,&eid_pubcid.org=71f95189-5c9a-4b83-80fc-e65c53ed3529%5E1&rf=https%3A%2F%2Fmariopartylegacy.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=05dfffaf-a78b-4f33-9ab0-5f82ad616a7b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9610324813885669
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8f6d71bd07bd89a8790b1ddfd9b59696c6b6adc258038b480727d1e95cbcb791

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 11:07:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mariopartylegacy.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
venatusmedia-d.openx.net/w/1.0/ Frame BD8D
171 B
590 B
XHR
General
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmariopartylegacy.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=05dfffaf-a78b-4f33-9ab0-5f82ad616a7b&nocache=1659956846691&pubcid=b4bb63c3-864b-49a6-8451-6f5b3ef2c69a&schain=1.0%2C1!venatus.com%2C58e3a82446e0fb000143f01b%2C1%2C%2C%2C&aus=300x250&divids=1003-58e3a84046e0fb000143f026-1&aucs=&auid=538731336
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
902cb088f0d97108454cf74c499a2b77c17019a7f3fa0164cbff419771c1435a

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mariopartylegacy.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame BD8D
24 B
525 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e69770edeb08f5433f1837a66c5a0e5095476d3d08a2d05ab9154a79df026b40

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Aug 2022 11:07:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mariopartylegacy.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame BD8D
19 B
716 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 11:07:26 GMT
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
32cf8437-4066-42b2-abce-ab4fe0fa180a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mariopartylegacy.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame BD8D
18 B
318 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=54689881210
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Aug 2022 11:07:25 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mariopartylegacy.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
ice.360yield.com/ Frame BD8D
99 B
520 B
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223920fff02db288f%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2271f95189-5c9a-4b83-80fc-e65c53ed3529%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22319b807b3257d6d%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%228094f68f-2f25-41d1-bb5b-b0f8698e42ff%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-101-182.compute-1.amazonaws.com
Software
/
Resource Hash
72dd31f6e0e5591ff16a62eea25fdb348ebfaf86408b0009ff857bbdb925cb31

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mariopartylegacy.com
date
Mon, 08 Aug 2022 11:07:26 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ Frame BD8D
99 B
519 B
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22404b5395cf5b782%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fmariopartylegacy.com%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2258e3a82446e0fb000143f01b%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2271f95189-5c9a-4b83-80fc-e65c53ed3529%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232bcf08fc5609b4%22%2C%22pid%22%3A%2222440556%22%2C%22tid%22%3A%2205dfffaf-a78b-4f33-9ab0-5f82ad616a7b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-101-182.compute-1.amazonaws.com
Software
/
Resource Hash
a572b69703d0e535fce95bd0040ef9a1b853422e566476b9f9feefc271c64de5

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mariopartylegacy.com
date
Mon, 08 Aug 2022 11:07:26 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
c
prebid.a-mo.net/a/ Frame BD8D
361 B
801 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
08dcad0774af115322765383f8c1d0ed7646d116a3a04dbe77bc2e1d474afbdd

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mariopartylegacy.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
145
content-length
233
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame BD8D
180 B
638 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmariopartylegacy.com%2F&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fmariopartylegacy.com%2F&PublisherDomain=https%3A%2F%2Fmariopartylegacy.com
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
ac7f72d6819d5345b2eeeb0bfd43cdb65e84fcc30ac42d5792bc96d21a188b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
5
vary
Accept-Encoding
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adagio.js
script.4dex.io/ Frame BD8D
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2670575
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx018c9ad15ea74d8893432-00629f4bf5
x-amz-id-2
tx018c9ad15ea74d8893432-00629f4bf5
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXgoRfGvYcJkXZzhQag%2BcTZthQePr9G509AKMgjCwPMwKB0uLkdhtQm2o2qDNT2zk8xXJFU7X5f5Xj7DiEP%2FW5rfqgi0P0jYOEdpfb4YXYnKXanT0zPuRMBsq%2FOKRmGb1SESbo1pInLDarLM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
7377c9d44f017148-YUL
access-control-allow-headers
Authorization
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 11:07:26 GMT
bounce
ib.adnxs.com/ Frame 2BC6
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26ui...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fpbs.venatusmedia.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fpbs.venatusmedia.com%252Fsetuid%253Fbidder%253Demx_digital%2526gdpr%...
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C7F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mariopartylegacy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
41445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 23:36:41 GMT
expires
Mon, 07 Aug 2023 23:36:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C1DB
783 B
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_6ZNNaX_rv2bTBmy-MyuIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mariopartylegacy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_6ZNNaX_rv2bTBmy-MyuIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 11:07:26 GMT
expires
Mon, 08 Aug 2022 11:07:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 5C7F
0
0

integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mariopartylegacy.com
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
99 KB
36 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2593348460633786&correlator=3358223362845308&eid=31064690%2C31068590%2C31068741%2C31068784%2C31068366%2C42531606%2C42531607%2C31067825%2C31068520&output=ldjh&gdfp_req=1&vrg=2022080201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50%7C300x100%7C320x100&ifi=2&adks=1211667048&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D609525109ddea76a9b42dab2-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D77ccc1d5-v6.6.0_fr%26pg_ld_id%3D4a80c64446cc261b0bdc08c1b1e6010d%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D609525109ddea76a9b42dab2%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-03%252014%253A11%253A33%26ta_si%3D300x50%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659956846946&lmt=1659956846&dlt=1659956845465&idt=1106&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=1600&rtgs=1&max_w=320&max_h=100&min_w=300&min_h=50&ga_vid=1276586406.1659956846&ga_sid=1659956847&ga_hid=2003746559&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
569397fdf7588b4a463b8c8db047c0e6bb7fb4d3c4fb29fb3ae91535c6940c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36931
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
126 KB
45 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2593348460633786&correlator=977312973419186&eid=31064690%2C31068590%2C31068741%2C31068784%2C31068366%2C42531606%2C42531607%2C31067825%2C31068520&output=ldjh&gdfp_req=1&vrg=2022080201&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22756711119%2CVM_58e3a82446e0fb000143f01b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3997522798&sfv=1-0-38&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D58e3a84046e0fb000143f026-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3D77ccc1d5-v6.6.0_fr%26pg_ld_id%3D4a80c64446cc261b0bdc08c1b1e6010d%26mo%3Dscan%26ac_id%3D58e3a7fb46e0fb0001b2d13e%26si_id%3D58e3a82446e0fb000143f01b%26pl_id%3D58e3a84046e0fb000143f026%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-08-03%252014%253A11%253A33%26ta_si%3D300x250%26rt_sh%3D0.6%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659956846949&lmt=1659956846&dlt=1659956845465&idt=1106&adxs=1100&adys=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fmariopartylegacy.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&rtgs=1&max_w=300&max_h=250&min_w=300&min_h=250&ga_vid=1276586406.1659956846&ga_sid=1659956847&ga_hid=2003746559&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080201.js?cb=31068784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a55186a61047e6e0873c26d6256331f3fdbefe4d5b669dc678876aa6963d01f8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2836735283095424985/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2836735283095424985/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSi1ZGNt_kCFUODgwgd1X4Enw&gqi=&layout=/sadbundle/%24csp%253Der3%24/2836735283095424985/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2836735283095424985/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2836735283095424985/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSi1ZGNt_kCFUODgwgd1X4Enw&gqi=&layout=/sadbundle/%24csp%253Der3%24/2836735283095424985/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45934
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 08 Aug 2022 11:07:27 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mariopartylegacy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/
42 B
760 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeJa23jRNEA0qz_zdBKNq25CRByd9DbYD1GQqS-160wWrbOiXkma3RM8AOBrMK1XqjlxrSQRMgA9LRn31H36M-LoygByP_2ifSGEBv4ZKPN1-zEWnHJ_gF-H1xrnVXEGJ6EiOd8nQO49dZjfrbQWA8g7Q_0A&cry=1&dbm_d=AKAmf-BmuzN5Y9DRvpFCA0eLYL_-LT6FcZu9xUZdd-QgDwG3vfyCyuxZXIqoizEjgVA0wYKbbqYhKrw2imUuwSZyofJEEZqFEh2-3rVSSZaqVD5_I7mHPTxornqSuPeXJYmfThUqZUwiPGiXMTo3OXiTtUPVBikXBo0mgx2YMb1RjBtBTmAQOXkjDIrDb3-kOv_qxVvG6TdLCOamL9xzjPe-2pF_8gejbsn6vcJi48hZ2WHlP-I9he1I3MxWW-34Hdr6cJxq0kzSnhEFH1jq06-r_g_m2jSwwwdMxjAhsQFT4LICiGKqCaAewAXcbUkdnwJvRyIu-5YRrWEY4hhJoihBjSJKzkNwCn1YJLBRyTS48ZFBeExAFHWzmOOXElfEVelCgyu9A1qdarw4ihD2PEsEUGP5eoSfdwMHB6NgNP7KJGjrxBN7osRHj8V5aErLMBk6fiBe6d48N9DGgS473k4OvizL15UpGiclQc4zWMt1PJXTYxxhxIHndN_s1IgAKehnRD1RDlFa14InkANe1C1iqQ7HUBBewXm2CuDghXSSxpmaykDCrfhDn5KBOiyk_l9NPDiEHfJuB3eEIG1NH_fxaqpAqdcYcdwsFhE1ruX0dkKTHyAbkQHo1kmSnocPqTBgwAyYRjDZcgccjHx6wjgH2kh3F20PtYZh8HT3wrKuJgVyJALQam3XqTf0X8BIS9G3a9D9XhlvAd-a5rCJvR4HIRMiUOf0iqPXxH9_1wAKYCfWXVaTrS-W6Bo-42nKMucXizeW1gMXmvVvp3-6Cwvx3T2STCSfBojJMfWXwzFBiSi_frHXHUplNBro_zJLG5oofRgjA_9vY7f652BnU6UQRzp6Q5xHAtApQmVSXhXb_rtfn4nO-kRpTzsQd4A2FWXWJXiFh5IpOaBlt_YqlT8YdN1RRscCvhq9jnFuoA6QpbVf8qtCJztcEhiIQ0O77URbJHII27E4hp0JxX7f2qx4_0FnN43p_6b0wIGJOTGN4zk6R6wY4S9Tr5uBW0XIg7rvR8TQokVXDDWSKRQC58EU0x5qdffoMoBTwf4i1t_Xs8bNll796WO5jIJGtbfmPTSCYjgkeLg_6M4nE2zdtNLWadmLrcJeYMsxxk3qPYqXaftGl7pUuHJG5x-hcsUPWDwIa0Rr9gYFRelNono_Kqu7YNg5BODe58q7X3Wf4LfHYkYVvW9nxT43LyBY9gFvst46S-ZogvDnZ-VvanXwulRA6apmkm9cNPktkyuC071kFYoAVTj1MRgNTRTXMTbOs1CxPdCPZuxealn91uQRA79pldcihP-ifBBCN3ekvTJCN7bQ6cyP41-A7REuzGUanojFOl-RC_9U4XXwRuGPlCTkkWwoTgzTW6XjzHyez1vXyxllX_zZj9X4rXu8sxK7bUGBV-lmnVVkCq74FNePBPzH0foByAx09RzvNvbk9yntMxnAdP8XyvA9JMVjFJWq-zWhnFvYg_t8rDTfPUROe3XIIZ2xXeoeni-UlhbDZPUpqOu4P8aB9yjBFzxQzonYNQCwkJh0cIK5tw5QwlbiqkTy3CPX0jEYjvOw2xCDk_w-CG80jiWUb2zRby4fAxNkPN4BwOwGId0ozcZv5c96gR0Kd9eKax3BOea4WvOWVownUSO9UfTd6drbiWicMyryqZo4TWWDO3_4KUigVl5FvWD_KnEfMl59L7Mqf7mApXsZQvfPPF5DcXcMxYKR8dZVWH4gzJPsl0281fekpsnAMpvK8ToMGr1jygEgBGgxxPNppbbIiKAaPTg47yNUGmqsxgvZ-VnifJS9GegKdo3-IHPrroV2vOvhQpu6h3q3R1snmW6_Yh8Jn6ApS6Lnz1i7gn45ElPYPL14fim8SBTSHPYILJNCjlOxIyAu4bjEuafRLGb-bE0oKlJ07i5RErjN6e9DcdeFYgDsrbjYhmbytLwuGG3AB9OiOj57tNLSLz0UBEaDqTJP637Dx1yoN1oCTBM6WPpxECWy5qBM8zCt3IfAx_MkUM2szmQNcl1x4BxWyLnDrXX0ZZyEvccFhShCLodQSuObHJtYMMwiPJ74NwEnTcXyOBdPpxtTIZzA2Ef85NTayysffn474aw02D5lGyiZCJxVPOEsvPNtSwgxkobs8n9OKioHSAX3kB9N_njNfLcc8n8ElkUdRez1UGrv70xrSJzVAUw841H5v7Hbxl68IOn_-icXZm-83rmH9Jnj8cBaxLCdk0w6MBtwNmfSmCDI8MBx2iKNY1PAiIAgXfjcua0xrVFJjrPcqvOSyK9hnjS93WsvomfAR6YSd7lE9btxHcsHzyW-b82us62Z3A3m3x_Z1d5HC2zB3K4wbpgHTZgrA2H8JqDMk3fi3ZaLGiH8uII2IO90odUEwXgNnmsvZRLzH5phG4NVnwN6eOgs_gC_nzqqjtMnz_ogHB6g2GKipxs_PlZW4yLwWJoAQcy-DgW6gWJRrk4gu7y-yKBjIDzrnSFgW1NTvd5MOFO2WnUbdiBrddXR13Wdyu2y0zHx7S2CQWSbU1Cld9-7Ra8wgp6KYHUJ6FV1obihxIQ4T96BEYi0mHdwIoCbt7IoqRR1nk0PgmaBykhbt2p-VpHtytfN3qeVu0nZ1B7NzPNrBM5sF5FeY9EDAoJvGp8lPFiVYRhfKCLWAW8dHR0xaPHJ0so3XSytM7Oo_4S6i2X3Nixr4KRF1bd23kg38luWg-n6810onnNbf4J40McaK0jBB7VjdSU_ZfSlDESflT0NBJfABvMxE6Y77u5fX-brNqOgOvM0KetLGQkFl-VdUrYFvxoiJSixPKkp_YYj11LyDBB8opdyInV1W0eUK-WIIWilg5LGmLckkrjPXIihg21g9dYY_z6rnUHw3QVwM47BgGN0oAZE777WIE_KX9v-pieC1h10HfMCwUdlRtkVo3hpBph0k1F2U-JNeNLrf8HSVFp53jkxtW3vSXDsKx0CZZTxMgilFcH72r2u3vRhi8d76Kw07jNwwQ-B05tiGna68vC5TxY6Ih5tTQlKb8pEQJOsbAtDY4uxeCmSwFtbmBpdfKzniPW3qqSVp4HwWI7j7LQ5hQAkJJpej5ggofluuBIMmR94Oh7QujcTSgiOll1whEMmhv1ig4GAyCzF0bbuuIx9ZOhSMn-TZ0RAHjkSIUCXHc4zu12GQi6h0pdL20jT-TBCD-MF7Z4Dit8Vatn3jwAAMFnCw7tZPO0PFOXgYymmVd6NjC3fsnyBjhvYNSZ9IM842N42x1qEeHbJjS-0YRSMDqoi08gve08k-ZIY1yHrSTzLVh8VA1e1TsFOaFH_qnV-KvYoP-UiPhMsj2A4p_tEH72ySd62JSkgEdRxr9Ft8I-yjvP6vSxeD29ZWoMgFq1WVpUeIDfccIlGbdVLdUqcVQtwI4CtVeR1mGhfER1R8Ac3Lp018Y59m0AivIIdVCqeLxzGM0Gfvxg8F39q6BhpTG_N7MfCqwiHPCzouEK8qn7v4mfSUmcpG_-ZzFBCeQb1GtvWESpU1nk5ZQNRzs9ViWAJmNlZkboMXsRPT6W9pm1kBQjp5nrAUNWg8R-PneJsAgp1EaYmcErCbkgC716_GBU93LhIVtWkjAQt5UZB04-On8_y3MYPyoc9i0qE2Yr04DZN8cBNubR9Nq4o79UecC3Aze13LobvTSTuz81nD1a-ZKr3TDWwsvMGZAkmwHPBC1OBO18JowCqPo_iZG7TGyElOf2XuhlHZzHXOC3mHys7mwcBSl06KSZCNjuhOBiyiVvCbtHJd4cxUBZLX3H-ACfmbCc3ktYstjbHPc9rXAjRxzNXemznLX6vHIanWvMXhoHyroeCjX08Ua6btWetDhMjFDnw1PR5XabJf2_iKl2QQIWijrv-ipl8XIXNKHbfIJMQMC445SYmMaSlMd-2lzVgvNgZCxGeXbutohgmuHub-evfPsi6M9n8ZVDNAtNC0ydlDl3Z-V_tgn3nSuizmvmXuQMLIPYLKHX-bSY8gNMoGTbbR8AR5FtrLJ4z0XGl1Fvbl8a8b9VvPM4Lg2PYPoVEx-Yf1BZvo0GoRtoql8_QftRW2tSVfqIYfDpKowo2KXmVoOB78n1gUF0xKYtI_xZXATH3&cid=CAASJ-RomPPb1H5gxXBH1_FfANiJoWj9t_WampKFM__V3uQ-PpsZBuRYAg
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27549550.333499147;dc_pre=CK792ZGNt_kCFUoNaAgdKkkO8g;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=1;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_pre=CK792ZGNt_kCFUoNaAgdKkkO8g;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_pre=CK792ZGNt_kCFUoNaAgdKkkO8g;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=1;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: mariopartylegacy.com
URL: https://mariopartylegacy.com/
Protocol
H3
Server
142.250.80.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:07:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1072492.3874001MATTERKINDKIDS/B27549550.333499147;dc_pre=CK792ZGNt_kCFUoNaAgdKkkO8g;dc_trk_aid=526555602;dc_trk_cid=170542929;ord=779591183;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=1;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative.min.js
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/
156 KB
39 KB
Script
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/creative.min.js?v=779591183
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
2e65036ce0ba40406d607487576ff9bab54e3e423966e1f379667669de45bd8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-request-id
H4GS5MXDSR6AVRNY
access-control-expose-headers
X-Geo
x-amz-id-2
pyHt7BWqBO53g+aDMmO0WbzCfCaxNQ210wJhjOIELqUoZk1aBZH/LtY0u5JnpMZhIu2xupji34A=
cdn-cachedat
07/07/2022 20:45:09
cdn-pullzone
388121
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"7c3a160b6fe6b8c07811b271792df959"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
KuvWqIaA0RGz6Gy80BSxrbwkNXdeoh76
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
f279d293562a200cb4180cce348c11b6
content-type
application/javascript
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
rx_lidar.js
www.googletagservices.com/activeview/js/current/
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 11:07:27 GMT
truncated
/
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d982a6679a78666367a93383469b8105b19dc1bd1489a94f73357590e8d81bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
mariopartylegacy.com.json
cdn.prvk.io/prvk-websites/ Frame
0
0
Preflight
General
Full URL
https://cdn.prvk.io/prvk-websites/mariopartylegacy.com.json?v=1659956847237
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://mariopartylegacy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Geo
access-control-max-age
3000
cache-control
public, max-age=3600
cdn-cachedat
08/08/2022 11:07:27
cdn-edgestorageid
885
cdn-proxyver
1.02
cdn-pullzone
388121
cdn-requestcountrycode
CA
cdn-requestid
ab1db84da4e816d5d2fda20d3fe9a0d5
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-length
0
date
Mon, 08 Aug 2022 11:07:27 GMT
geo
CA
server
BunnyCDN-NY-885
x-amz-id-2
aMpN85rs/MFsgJnFLfEkG4I+glTm9ZNdwajH7RLsXSwL6BDZHdU2q/z+iZqNLjm6EIIC++mUkeU=
x-amz-request-id
FWD3TWQ9AKNF26WG
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOL_PGWrpXV0eT8rsmDVIgosvYNQ4_5tf9MvW1DZR8_NH1f5NbaxbtwwEVXbY6mzZ0oLsPqRtXvnLCaHJK7DNEK-kiTlzccj0Jv0XdFuAtSyS3BnqnbMk_aGXClppodhW8wgYlJCYjavPJgzu8szbhu5mAE8I3z2I7ozCKK7pt6XXgEQ59HGXTA8lEcJ2Rvw7ppax7Jr6tZQ7eOC6PJH1wf-4QQK0LOzdJv0XTEtmOndSrKKwWPaNGucxlAOxEVD0WM99bf75dj43kygMPPJ-aSkZcw4INJMc8_JwrEou8pkmrobwCVgR-nRsPagsii_vbur-x0Uz-omDPdeyrE59OLEK8AtTgxME7yBStPWuMROfU&sai=AMfl-YRhrd5bKFzLmBlDkEyC7NnUPT1DlHg4OXgv3rWv6MiCoLYdjXQQy6VtZSd2WR3MzjWOQ5gmR3_Pll94nhQUzztNpJdpAKu1B7ZPye2bwp0sH_24AzLSSyuKIewrNgA&sig=Cg0ArKJSzEqei97qb5xaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 11:07:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Aug 2022 11:07:27 GMT
matomo.js
ctrack.venatusmedia.com/
62 KB
62 KB
Script
General
Full URL
https://ctrack.venatusmedia.com/matomo.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.18.101.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-101-137.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
public
date
Mon, 08 Aug 2022 11:07:27 GMT
last-modified
Fri, 08 Oct 2021 14:44:50 GMT
server
nginx/1.20.1
etag
"61605962-f8bb"
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
63675
expires
Mon, 08 Aug 2022 12:07:27 GMT
/
api.ipify.org/
14 B
245 B
XHR
General
Full URL
https://api.ipify.org/?format=text
Requested by
Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/creative.min.js?v=779591183
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
2c381d93603f3780affb837e00934d0b7a3f82e655e99b5be3b6d30c24cd382d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 11:07:27 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://mariopartylegacy.com
Connection
keep-alive
Content-Length
14
video-js.css
cdn.prvk.io/prvk-live/
44 KB
12 KB
Stylesheet
General
Full URL
https://cdn.prvk.io/prvk-live/video-js.css
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
9bc87e8ad9a1ff327cda2832b011e74ea1a9d3329d8073be9bcd162cc1e858ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-request-id
6NMWS8SFBEA43YTQ
access-control-expose-headers
X-Geo
x-amz-id-2
EZCr5aeNwuh6uqfqugZAdgqAjd/x/f635qSRSHHq5kz2sbLLtQAz/6w2wl8e1nArmb0sHrRwHuI=
cdn-cachedat
05/26/2022 08:12:25
cdn-pullzone
388121
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Tue, 18 May 2021 16:32:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"13cc2ed05f4f7b5730bffafc2b2e4eb3"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
MHEkSz3pyskER7W__1UJuuRHRL10DJ66
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
64738fbab3a1aec5d6f6d810f39a3385
content-type
text/css
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
video.min.js
cdn.prvk.io/prvk-live/
545 KB
164 KB
Script
General
Full URL
https://cdn.prvk.io/prvk-live/video.min.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
a652d0e0a55a12ab819d2fd546e57671dfa60413f0414e0d906f14af9d339121

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-request-id
6NMH0ADT4A2KCG41
access-control-expose-headers
X-Geo
x-amz-id-2
7zGt7j2amwVXcpk8c0er5151cNe5r5vwNkXkXUR9V+S2UZ5UFOS82RafkN1lIl6RCzJyLC0+Vdw=
cdn-cachedat
05/26/2022 08:12:25
cdn-pullzone
388121
geo
CA
server
BunnyCDN-NY-885
last-modified
Fri, 06 Aug 2021 11:59:50 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"78f5adb75e7d3d4bee6d3a963cdc57f7"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
HssWnHG2NwV7eXrAecIkNevJjZngXoRX
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
f14af100b6ec82c63ad938f24fec8215
content-type
text/javascript
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
filteredips.txt
cdn.prvk.io/airbraker/
30 B
743 B
XHR
General
Full URL
https://cdn.prvk.io/airbraker/filteredips.txt?v=1659956847236
Requested by
Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/creative.min.js?v=779591183
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
8ee4b6a336e353ae9fdea9bbfb54913cfafaee61d2f744deeef8502aad01f1c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
JH6CDDB4KFZV5459
access-control-expose-headers
X-Geo
x-amz-id-2
7ShqabWTe5X4W4uASE9h0mLC52CpQ+bJUDOvDQx5yfQuDsiERDwy7SLvYv7WS7a/cLMiYWhgsBM=
cdn-cachedat
05/26/2022 08:09:11
cdn-pullzone
388121
content-length
30
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 09:28:36 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"4243904a1d36fbf8f8de4a8a838b114a"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
x-amz-version-id
XlUwnIdEUSEOiOBY8rlRGZXoIv4a1ef.
cdn-requestid
92f380f7177f623fc7f36ec7747fbdb0
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
mariopartylegacy.com.json
cdn.prvk.io/prvk-websites/
387 B
941 B
XHR
General
Full URL
https://cdn.prvk.io/prvk-websites/mariopartylegacy.com.json?v=1659956847237
Requested by
Host: cdn.prvk.io
URL: https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/creative.min.js?v=779591183
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
fb27066048d81b2fe2b7f51021334decc0d5c8229331d981f5fb38e21fe01b7f

Request headers

Cache-Control
no-cache
Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
885
x-amz-request-id
2Q2YXEV27CYFZKXT
access-control-expose-headers
X-Geo
x-amz-id-2
wp0VX4uHbNT10bP1eGd5MhB0o5l9r29htLzSEzXyeHplK5yue7IJ8zfbf+QP0uP/6QyX5p68EMw=
cdn-cachedat
08/05/2022 16:21:38
cdn-pullzone
388121
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Fri, 05 Aug 2022 15:12:25 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6e316b9c77f2fbb2aa1e648987204a7e"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
0udzqABcHnlqaO2dPmt3gs_OfsnYxZQL
cdn-cache
STALE
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=3600
access-control-allow-credentials
true
cdn-requestid
798e00bd4a2104781c53fc3f30692100
content-type
application/json
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10840.jpg
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
9 KB
10 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10840.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
21366e9daf3b289865d8fea5f458ae1f517879d85e4da2e57c4146def6467b4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
FGXA4XJQE6M52X1X
access-control-expose-headers
X-Geo
x-amz-id-2
XpgEKKS8O26z8Rpzkk7Uki2Vf/Pho2SYx9JNVJI0mMbEOXIwAFqsL5rRkKEuqdNSlQ2ijkimmds=
cdn-cachedat
07/07/2022 20:45:14
cdn-pullzone
388121
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
9451
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"9811e7e663e79ce6b3cbb6f00d69533f"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
x-amz-version-id
EpwxdH.t6FG_Flr58ynqg_iBlghNSgug
cdn-requestid
017ae7ab663f98047aeae12307946ad5
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10841.jpg
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
17 KB
18 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10841.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
4ec2cf6bf974e2b933a8f2deb2da26f05eb2c4654c3c62ebfa76f0956ea8d68b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
FGXAWDT0Y7TMZYF3
access-control-expose-headers
X-Geo
x-amz-id-2
T+B4/fSrQIQ8TmtvAXSid0Pi4WUPioDCCK3khPJbLwHmAovcg37AgON/5SP0CDr7kzd6wJHBK+o=
cdn-cachedat
07/07/2022 20:45:15
cdn-pullzone
388121
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
17595
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"8408850265bc9d6a7e184544f2777b67"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
x-amz-version-id
toeC3.jTQJoXbCd00LhQrgp3zM4n_LAl
cdn-requestid
b5609fb968bef471e34c82da81d6b495
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10842.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
24 KB
25 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10842.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
d7cb15674371519528936052f2105a288e9c37da137e514919b2a2b9f7cb4bff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
XMBEKNHKEMR1HH5D
access-control-expose-headers
X-Geo
x-amz-id-2
mQxc9sdMuGifW1UXgBOV0wjsleIjw9DN6vQ3Q39rfUaAC4KusiL9u1BQG4KCL0MgkeUFuU7FE0Q=
cdn-cachedat
07/07/2022 20:45:15
cdn-pullzone
388121
content-length
24570
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"26ac86130499b705ba0c108fa905faef"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
VXhl9_P9CHzIXSEboO3KV83PKCQ0mgvm
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
9f17f4fa93310985ada31d6f0a76546e
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10843.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
92 KB
92 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10843.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
3b0002cafebd7bab637d5dfcb789cc8b8435d437f26316c5a36e16d7db7addd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
9M6PY7TJK434VX5B
access-control-expose-headers
X-Geo
x-amz-id-2
v2/CV6Fi0N0xAoJNi82ejzo1rYLOr9tH3mf98heQ17r4Rs6+cZK81OMq7gVISp60gmwfZ4GqELs=
cdn-cachedat
07/07/2022 20:45:17
cdn-pullzone
388121
content-length
93835
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"a641ec6c5b8b438b9ca5baa0c4215b32"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
Ma8g23Kree2eEI6CZ9IsaCrDQs.jrUNZ
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
9d2bf1af97f11b78ba17db0093954353
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10844.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
2 KB
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10844.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
64c7096f4777b08884bccf9c10ca18d722e892e98b3270d31184a17cd514e3d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
9M6Q23DF611RX7JX
access-control-expose-headers
X-Geo
x-amz-id-2
7IoKSjpPtaTPddETNnhuTl0MlzBSTZvdC07CO80e8rHOpIrPFAViCQLoMHCLEHmC+AF5hto9l4k=
cdn-cachedat
07/07/2022 20:45:17
cdn-pullzone
388121
content-length
1697
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"848890a906325532cd6b7ff0d6bb2762"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
jQB7Z_ZWxUKykvt89PsGAJ26zb45iyBj
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
eaa333822c92e8192a485a7884e1b224
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10845.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
2 KB
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10845.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
42f08a16dc4448c01d55702d919ca60d87a73149f9ed356c06750b1e38821bba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
9M6SXF2GGQT4T6YA
access-control-expose-headers
X-Geo
x-amz-id-2
INPYJ4wR0aEqUM/5K9w/0iCn+gEIPtGYHF8qWUgwlATff0eM3yK11LxvR5eWwM63YQEn8VbDz4s=
cdn-cachedat
07/07/2022 20:45:17
cdn-pullzone
388121
content-length
1654
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"665b3e9031bd990ff0646b015172a8fc"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
8gau_vxTtGEV7jY54CaSWb05nOyp8E.0
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
7b4afd7f59e6fc8123fc7860a56c56be
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10846.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
247 B
914 B
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10846.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
4dacb8db8d50ebb93ad55a14385e4b48f0ec41e27aa7013f4d35ce7d2fdd5771

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
V0BJRK55751PFS2K
access-control-expose-headers
X-Geo
x-amz-id-2
gJHlGbg+kyClhmy/dQq2OjUKraXK/AHOJbBg42KZxiWmcO0SCxDW6SaROxBRh/Ifoc52RV5fcNA=
cdn-cachedat
07/07/2022 20:45:18
cdn-pullzone
388121
content-length
247
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"bc849cf602e6a340ae64cd4dcdff97c8"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
SGy0w0lLLjmIjunlBw1O1qcvMGz2z9JH
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
51566a5bbb01b930d06b2c556e8a37c2
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10847.jpg
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
9 KB
10 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10847.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
21366e9daf3b289865d8fea5f458ae1f517879d85e4da2e57c4146def6467b4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
JT8PEETCNAP2QMVH
access-control-expose-headers
X-Geo
x-amz-id-2
MZ/h0v36UMYB8qNCqNuzY1Ug9M9K8yw9kuA2QlxOqD6uh4BWnCI3Pv95Nm6y70XnTePMX46p2g8=
cdn-cachedat
06/30/2022 05:02:11
cdn-pullzone
388121
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
9451
geo
CA
server
BunnyCDN-NY-885
access-control-allow-origin
*
last-modified
Fri, 24 Jun 2022 16:33:27 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"9811e7e663e79ce6b3cbb6f00d69533f"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
x-amz-version-id
_2MHmNQbv82eFKZbZm3YJR3GWlHR_Wre
cdn-requestid
6158a4aa9446c835e8216a892ab7defd
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10852.svg
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
699 B
1 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10852.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
cef70c0ea5d079d130f2d7b33e0f85a3d15ab278d5dd2b5be2f31eb3a28d4731

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-request-id
V0BGAEPX8FJ2GN6A
access-control-expose-headers
X-Geo
x-amz-id-2
KmKXGaQ+kxkHmkOu3l03ugbWReMb1b3mYyVdO2rM3lNf3NUTq70SYswV6OGJU5MNCEEfZJL1Z7o=
cdn-cachedat
07/07/2022 20:45:18
cdn-pullzone
388121
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"0e190011d76e6e21098a575597c8ec6c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
VHusoTWPcEktKspWBfEkE0Rrtq3HnB0b
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
536ce60a4b17c0f7714d38a3c6e986d9
content-type
image/svg+xml
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10853.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
184 B
852 B
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10853.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
c05f4e77155f14dd740a09a7414f1be64776ae5c0c9ebb99261237ca39f0bd78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
0QN6TXVE0WYN8NRF
access-control-expose-headers
X-Geo
x-amz-id-2
WCljCZ5Su7md8jJ5iYtmuJ3O6XCHtbk+VQjZHLneLofqlvc46O2PKOd7o9XTLK1leu0FxOw/iqY=
cdn-cachedat
07/07/2022 20:45:19
cdn-pullzone
388121
content-length
184
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"45e0af28efadc075c2d14c8731a22266"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
F3WACsTXfi9Z8SiZKte68bu8CGz5Kdhg
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
7b82075c253d433a87c531213a7665dc
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10854.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
873 B
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10854.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
d3e4c87818d1d4b85d8c255e51aa048808fc40b6583991cdaa9636fa25b581e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
8PG98VE6GMW3QSYS
access-control-expose-headers
X-Geo
x-amz-id-2
g9rOQYfBAJ9rUgRJy58ugfwluFWTOE3x2Md8HNM/legzmxxY1tiWxDX0qtyYWkTSuEpgxg3cuVpEeAKMd4Z10A==
cdn-cachedat
07/17/2022 09:25:11
cdn-pullzone
388121
content-length
873
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"c1fa804767942c74dc592d4ce81a16d4"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
gM6kuAPgO7H8vQM1Db0ULb1t5k_s7dEA
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
8cddeb0cd9ab5e786547eb907aa0e308
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10855.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
839 B
1 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10855.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
b226b7baf999aa15afd3d662cb87e6fe7cd2b9beaee999b02421370642f8ce32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
0QNAQWXEXWE5V7Z5
access-control-expose-headers
X-Geo
x-amz-id-2
BDZU0c3Awe0GZB7YXXAesOVnn4Qlw8Y60rKpV2mR4f/3OUhTAotuKWZl6R35/cEWfBa6gbemU6o=
cdn-cachedat
07/07/2022 20:45:19
cdn-pullzone
388121
content-length
839
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"d75a30ad2bfe7e6e91f144f053e336fc"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
clj655kh6HWX3QOfLLp7ui8grrtdudcv
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
ad8e7a513bee3f4eff1a0c64c0651ddf
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10856.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
1 KB
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10856.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
570c60cd7e85a15bc9f0ebaccd11fc797f9fef791a6bd9946daced6d95ce9d4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
0QNANEZHV2E8SEEP
access-control-expose-headers
X-Geo
x-amz-id-2
RUeTR4AXzLOqSzFmbmKj2o//72qusgXLtTrl0yRhTRCrjtgypk32rBXFraxs1pJw+lJZ2Pt7XzI=
cdn-cachedat
07/07/2022 20:45:19
cdn-pullzone
388121
content-length
1212
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"5aac7749d03b94e2a35c985d4d039850"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
xXZB.uxfH0dlB48gy1rZKun1axwa4cvN
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
8052b9b1d0cc63b0d5b09de8c7a49e2b
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10857.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
1 KB
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10857.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
b822027e302833893540cfbb889a264a38cdc2dae1bb3fd69b2ac77c6d9731e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
0QN00KP57JKABNYK
access-control-expose-headers
X-Geo
x-amz-id-2
SXN5ZVa8o5rQ/ScIz4zGAWTNB/giVERdpPlfI1YPNqnPrHqwopfNSxFcs0yerCtcg0GrUtHmMkU=
cdn-cachedat
07/07/2022 20:45:20
cdn-pullzone
388121
content-length
1182
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"f94f2ec234246cf696738c9b4ae982fd"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
5Nl5VStDdfjr6CQXinjHqaWr1qh5cHeb
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
55ae908f3edee15828242da7a52e4f54
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
project-asset-10858.png
cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/
1 KB
2 KB
Image
General
Full URL
https://cdn.prvk.io/studio/US-100170-NINTENDO-US/1263/assets/project-asset-10858.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
0881286a7949dc9b5d1b2ecc2e4f6de23468d7ecac17eed369e6e66e1ed1b6cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
cdn-edgestorageid
885
x-amz-request-id
HNVEG7QWAFFEKCRN
access-control-expose-headers
X-Geo
x-amz-id-2
Y11PQDNfWExxs10wuRqCZt38bPdvmPVJz8ptAj4p9whTe9NZDJwXXkdeoN7ZswdjJDEE4NGL5ms=
cdn-cachedat
07/07/2022 20:45:20
cdn-pullzone
388121
content-length
1170
geo
CA
server
BunnyCDN-NY-885
last-modified
Wed, 06 Jul 2022 08:08:07 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"11dea6bd7405d9b1bb00288b9843acdc"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
XMFcs.79INDaCPys9_ImoE9J_nC0MTMK
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
6c75e39af3cead3e071796bbdb580959
accept-ranges
bytes
content-type
image/png
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
browser
cdn.jsdelivr.net/npm/@airbrake/
46 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@airbrake/browser
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd1f7284a930d372603c97b394f201f29bcde7877f7739530182219a06a8d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mariopartylegacy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36775
x-jsd-version
2.1.7
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA, cache-yyz4524-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"b7b7-YWJFRl7GBwR+0T06Fg/rq3oO9b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT%2FbcNF9dg6RUUXuWi8BftzHh88YQnWl16MBZJt%2FKteXGMRMKYDPkHFjDE65dh6wzqPI3EAqi0VeWFAykaWFpGku%2FK4KKhjXLBmiFbsmwYhkn0PfkcigzSKSABVsUt2T69blR6yaMI3NH5jbyUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7377c9d82c747154-YUL
config.json
notifier-configs.airbrake.io/2020-06-18/config/391876/
220 B
592 B
XHR
General
Full URL
https://notifier-configs.airbrake.io/2020-06-18/config/391876/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&language=JavaScript
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@airbrake/browser
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:6800:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49ee8bce73325fa29612499715385a37cc9709b5b69e610c4fe1bb794c73bf17

Request headers

accept
application/json
cache-control
no-cache,no-store
Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 05:03:25 GMT
via
1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jan 2022 12:12:22 GMT
server
AmazonS3
age
21843
etag
"e679c9ea6c22dea6c41b31e1ad256586"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
220
x-amz-cf-id
4gI_CQ1yWqSUA-vUEFX5QnHsrmW1xz_gx3AYjeKHkzFmtSDMjlGR0g==
config.json
notifier-configs.airbrake.io/2020-06-18/config/391876/ Frame
0
0
Preflight
General
Full URL
https://notifier-configs.airbrake.io/2020-06-18/config/391876/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&language=JavaScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:6800:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://mariopartylegacy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
cache-control
access-control-allow-methods
GET
access-control-allow-origin
*
content-length
0
date
Mon, 08 Aug 2022 11:07:28 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront)
x-amz-cf-id
Up7GSbZzfGzTSzf5rDOdu-Tyi4oHuM5wi-DT2lctVbP3RNEpEJDBcQ==
x-amz-cf-pop
EWR52-C3
x-cache
Miss from cloudfront
notices
api.airbrake.io/api/v3/projects/391876/
91 B
419 B
XHR
General
Full URL
https://api.airbrake.io/api/v3/projects/391876/notices?key=8059adba5625ccce7845e05be32414ee
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@airbrake/browser
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.87.130.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-130-38.compute-1.amazonaws.com
Software
/
Resource Hash
f6d70034fb0a6b080d0c28b6b9705fdd8cda03fb0fdd08f3a108ab407beb6f3f

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Mon, 08 Aug 2022 11:07:28 GMT
x-ratelimit-remaining
9999
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Delay
x-ratelimit-delay
33
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
content-length
91
notices
api.airbrake.io/api/v3/projects/391876/
91 B
420 B
XHR
General
Full URL
https://api.airbrake.io/api/v3/projects/391876/notices?key=8059adba5625ccce7845e05be32414ee
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@airbrake/browser
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.87.130.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-130-38.compute-1.amazonaws.com
Software
/
Resource Hash
f6d70034fb0a6b080d0c28b6b9705fdd8cda03fb0fdd08f3a108ab407beb6f3f

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

date
Mon, 08 Aug 2022 11:07:28 GMT
x-ratelimit-remaining
9998
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Delay
x-ratelimit-delay
33
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
content-length
91
matomo.php
ctrack.venatusmedia.com/
0
212 B
Ping
General
Full URL
https://ctrack.venatusmedia.com/matomo.php?action_name=&idsite=1&rec=1&r=516427&h=11&m=7&s=27&url=https%3A%2F%2Fmariopartylegacy.com%2F&_id=&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension4=https%3A%2F%2Fmariopartylegacy.com%2F&pv_id=gC0t8L&new_visit=1&pf_net=25&pf_srv=628&pf_tfr=78&pf_dm1=202&pf_dm2=332&pf_onl=0
Requested by
Host: ctrack.venatusmedia.com
URL: https://ctrack.venatusmedia.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.18.101.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-101-137.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 08 Aug 2022 11:07:27 GMT
content-encoding
none
referrer-policy
origin
server
nginx/1.20.1
vary
Origin
access-control-allow-origin
https://mariopartylegacy.com
access-control-allow-credentials
true
x-content-type-options
nosniff
x-xss-protection
1; mode=block
matomo.php
ctrack.venatusmedia.com/
0
212 B
Ping
General
Full URL
https://ctrack.venatusmedia.com/matomo.php?e_c=Creative%20Events&e_a=Script%20Loaded&ca=1&idsite=1&rec=1&r=580828&h=11&m=7&s=27&url=https%3A%2F%2Fmariopartylegacy.com%2F&_id=&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension4=https%3A%2F%2Fmariopartylegacy.com%2F&cvar=%7B%221%22%3A%5B%22Creative%20Name%22%2C%22US-100170-NINTENDO-US%22%5D%2C%224%22%3A%5B%22Website%22%2C%22mariopartylegacy.com%22%5D%7D&pv_id=gC0t8L
Requested by
Host: ctrack.venatusmedia.com
URL: https://ctrack.venatusmedia.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.18.101.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-101-137.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 08 Aug 2022 11:07:28 GMT
content-encoding
none
referrer-policy
origin
server
nginx/1.20.1
vary
Origin
access-control-allow-origin
https://mariopartylegacy.com
access-control-allow-credentials
true
x-content-type-options
nosniff
x-xss-protection
1; mode=block
matomo.php
ctrack.venatusmedia.com/
0
212 B
Ping
General
Full URL
https://ctrack.venatusmedia.com/matomo.php?e_c=Creative%20Events&e_a=Assets%20Loaded&ca=1&idsite=1&rec=1&r=575115&h=11&m=7&s=27&url=https%3A%2F%2Fmariopartylegacy.com%2F&_id=&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension4=https%3A%2F%2Fmariopartylegacy.com%2F&cvar=%7B%221%22%3A%5B%22Creative%20Name%22%2C%22US-100170-NINTENDO-US%22%5D%2C%224%22%3A%5B%22Website%22%2C%22mariopartylegacy.com%22%5D%7D&pv_id=gC0t8L
Requested by
Host: ctrack.venatusmedia.com
URL: https://ctrack.venatusmedia.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.18.101.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-101-137.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mariopartylegacy.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 08 Aug 2022 11:07:28 GMT
content-encoding
none
referrer-policy
origin
server
nginx/1.20.1
vary
Origin
access-control-allow-origin
https://mariopartylegacy.com
access-control-allow-credentials
true
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fpbs.venatusmedia.com%252Fsetuid%253Fbidder%253Demx_digital%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Db%2526uid%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly9wYnMudmVuYXR1c21lZGlhLmNvbS9zZXR1aWQ%2FYmlkZGVyPWVteF9kaWdpdGFsJmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1iJnVpZD0kRU1YVUlE
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| pm_tag string| pm_pid object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| twemoji object| wp object| offSide object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction function| offside object| generatepressMenu object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __twttrll object| twttr object| __twttr object| gaplugins object| gaGlobal object| gaData number| __VM_COUNT function| $___render object| ADAGIO object| __VM object| googletag object| ats object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| _ADAGIO boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| nodes number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| vdrmDestroySkin object| _paq object| vttjs function| WebVTT function| videojs object| Airbrake object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

20 Cookies

Domain/Path Name / Value
.mariopartylegacy.com/ Name: _ga
Value: GA1.2.1276586406.1659956846
.mariopartylegacy.com/ Name: _gid
Value: GA1.2.995756416.1659956846
.mariopartylegacy.com/ Name: _gat_gtag_UA_84394370_1
Value: 1
mariopartylegacy.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mariopartylegacy.com/ Name: sharedid
Value: 71f95189-5c9a-4b83-80fc-e65c53ed3529
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.omnitagjs.com/ Name: ayl_visitor
Value: 86db0cf70863bc9821b8309c53ba4d75
.360yield.com/ Name: tuuid_lu
Value: 1659956846
.360yield.com/ Name: tuuid
Value: 9de3b15e-6f89-4d73-9b20-50ee4b14c2d9
.openx.net/ Name: i
Value: b4bb63c3-864b-49a6-8451-6f5b3ef2c69a|1659956846
.rubiconproject.com/ Name: khaos
Value: L6KNG4DZ-1J-9RR4
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEHld8eHy3b5O1WuCoMxA8a+JUixCbOKdq1qvqujlplhPPM7PX28U4sQuGi/0UuLAbETP2ciGOwXMBQn6AvuCLFYOb1prmjgTJQ37+e9GRocQ==
.prebid.a-mo.net/ Name: __amc
Value: 1_1659956846_1659956846
.a-mo.net/ Name: amuid2
Value: e8b6c96f-1072-4c88-8ec2-a2d4dab56370
.prebid.a-mo.net/ Name: sd_amuid2
Value: e8b6c96f-1072-4c88-8ec2-a2d4dab56370
.emxdgt.com/ Name: uid
Value: 53571659956846922829bc
.adnxs.com/ Name: uuid2
Value: 564237405372265290
.doubleclick.net/ Name: IDE
Value: AHWqTUkhRvV1XIJ7w7anHJSEq0YgLkFMoKrSEUHPtgq3hf_TmPx-oKqDURXyTjpvTgs
.mariopartylegacy.com/ Name: __gads
Value: ID=28a18f93136e891d:T=1659956846:S=ALNI_MYzMqOZ5niQrA1Jy1AzXBkF1VnFGA
.mariopartylegacy.com/ Name: __gpi
Value: UID=00000854b55cb454:T=1659956846:RT=1659956846:S=ALNI_MZY1IG6UK72ldQuNpm8I6HFQdw-FQ

4 Console Messages

Source Level URL
Text
javascript warning URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.airbrake.io/api/v3/projects/391876/notices?key=8059adba5625ccce7845e05be32414ee
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://api.airbrake.io/api/v3/projects/391876/notices?key=8059adba5625ccce7845e05be32414ee
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ad.doubleclick.net
adservice.google.com
ap.lijit.com
api.airbrake.io
api.ipify.org
ats.rlcdn.com
bidder.criteo.com
cdn.jsdelivr.net
cdn.prvk.io
cdn.syndication.twimg.com
ctrack.venatusmedia.com
d1oykxszdrgjgl.cloudfront.net
e481a865dd2d34b41707abbd7e6a4c27.safeframe.googlesyndication.com
fastlane.rubiconproject.com
free.xjs.lol
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
mariopartylegacy.com
notifier-configs.airbrake.io
pagead2.googlesyndication.com
pbs.twimg.com
pbs.venatusmedia.com
platform.twitter.com
prebid.a-mo.net
script.4dex.io
securepubads.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
venatusmedia-d.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ib.adnxs.com
pagead2.googlesyndication.com
104.152.168.8
104.18.18.126
104.244.42.8
108.178.23.114
138.199.40.58
142.250.80.2
142.250.80.70
145.40.89.200
195.244.31.10
23.92.190.68
2600:9000:2162:6800:3:9a1f:ef40:93a1
2600:9000:2162:ee00:0:1651:6140:21
2602:803:c002:200::52
2606:2800:21f:5b71:3e29:d001:be46:4bcc
2606:2800:21f:c0ec:d236:5e26:ab36:2d30
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700:10::ac43:2483
2606:4700:20::681a:8a9
2606:4700::6810:5514
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2008
2607:f8b0:4006:816::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2004
2a04:4e42:77::159
3.220.57.224
34.95.69.49
34.98.64.218
35.209.198.18
44.193.101.182
52.18.101.137
52.87.130.38
68.67.160.24
74.119.119.129
99.84.126.97
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e335d4d6e4403b6be6ab4c8b75b2a59c060e00f8b36a2e8626b4de3ff3da3b
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0801d8045c86660a7b29dcf4025273c8ad6dd45d89fd1ea13f608d074b13406f
0812fe1eca87b53058cf954b36e8b6c12fb15da281f92386acf6f0d800a2acbc
0881286a7949dc9b5d1b2ecc2e4f6de23468d7ecac17eed369e6e66e1ed1b6cb
08dcad0774af115322765383f8c1d0ed7646d116a3a04dbe77bc2e1d474afbdd
09591b6a34e140a991b7be68e2a5697ec2c3c8f39d761294aabda92e5e02d751
095ce7913e543fa079a0e91c892304486f466f5d3c8ea49d50501a1d08ddd72d
09c31a631cce7c0a5660a3c202a0bcb0f6e2a4e5aff9b533b68243839fad0d6e
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce713b6cef25179719f242dcfa4ed9e985f1443257722299df2768deeb5ab6e
0edaf21554e0889aed8de9ec9e662e8247f3fad31fd795914a8822681bea1913
1110ab9b45bb1a2db197f78779e4318e0354d5c60eae1662111ab71f449cdd7d
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1a9088db892980834b1b6366f22a2a7e163f02ed3621b962006d4496be37168d
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
21366e9daf3b289865d8fea5f458ae1f517879d85e4da2e57c4146def6467b4d
2207fcd49173cc015e51613f5e57b0adac1621a5b0aaa026b297da18be7ef1a4
2452de2f3b68eef684752159df8690ef90dfe2be0bacb957abcd6a9e0562e9e7
2c381d93603f3780affb837e00934d0b7a3f82e655e99b5be3b6d30c24cd382d
2e65036ce0ba40406d607487576ff9bab54e3e423966e1f379667669de45bd8c
2ec2fb171e1620562e36b696354c0aeb30f901ac6d5797a01b2301c8645de308
32c1b5de7ddf2c18f100065db9719cf4a67879dee3f6b14e8c4041f826fa4e62
3b0002cafebd7bab637d5dfcb789cc8b8435d437f26316c5a36e16d7db7addd0
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4016e5c000f30547fe4c066aa2afad9f2ca5db3d6717b4d0990fecfd1a301507
4087bec4d792d53309236b3da78efb45affedf853147c99bfbfe2bb785c7326b
424332ea0ecacff818cf7de57fd7968c0172f01776ff025a4d2a99540422d3f0
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
42f08a16dc4448c01d55702d919ca60d87a73149f9ed356c06750b1e38821bba
44f8bc68db1f9274972b51b3283af08ff15be71bb41d448eaa9b4f9cee9acee1
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
49ee8bce73325fa29612499715385a37cc9709b5b69e610c4fe1bb794c73bf17
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b08db1943e625c7da2ec361aa24cb0e3d4bf4adaa0f715e8bde10732b11b360
4c65483f42b44d20cec8adc80e9bffb52b8896c97e5a3225dafa17a80e15b372
4cb32ec64c172379f3b33674d6ad45d1c5bb38601e17b9ee43597ba17a5c5350
4dacb8db8d50ebb93ad55a14385e4b48f0ec41e27aa7013f4d35ce7d2fdd5771
4ec2cf6bf974e2b933a8f2deb2da26f05eb2c4654c3c62ebfa76f0956ea8d68b
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
52020354ae529af5b5b75613ac0f409ac978bdf73fdab032163ff58bbdc92bc9
5241b1f3a130927822313805ebd45fd9903b860883f0a3318fa07ffe85b20c8b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a389705b863e35578972d0a336c9cb65c962a5599314629159c47ba46ddcd0
569397fdf7588b4a463b8c8db047c0e6bb7fb4d3c4fb29fb3ae91535c6940c71
570c60cd7e85a15bc9f0ebaccd11fc797f9fef791a6bd9946daced6d95ce9d4e
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5b32009d78e3905b5795e394e00cb3fb5afbb912622323c581bbb856dfb560d5
5e939f7f2ddb20f90b0d03ff858ab310c3573e20abf16dd1f62609d0c06f9789
5f0d0dc37da096042a77e53ce42fdcc6152a6e606f453ab038cedd7dc088ddb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c34b945902ab85a4d8134bcbef2309558cef9b344777023e3acfac754ad430
627ee2509310793db792efd25325aa4ab2d6aee538cb0ab4f09e59713071c1d4
628492e9ee5248b3ae1bd504a7d60227a2e7a09b953b858784044d7d28844489
63440413f9b013a54631b329d428a96694a8e82c1c67a5f924e29ade9ffc45e0
64915189cf6e3e34eb8e680a124a2aea66409d7cc088f1f874c19bb728630207
64bf0c3d233dc7565ee549c782aa77ba609dac74162ab8d300eaa40d2484db0c
64c7096f4777b08884bccf9c10ca18d722e892e98b3270d31184a17cd514e3d7
65b732f979346682474a811814bfc94d23387f8294875196ad1311a3a9ccbff9
6624cfdb330a4273c33b550e5ae7440a7ef259e3c074b7b89bd27739bddfeb75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71
7181c93962530c41049c3aff9c3a0f4b0d03685ec63d22a39e3461e5628c09af
71cb0e6452376bbcd2d1b8c20cf508995e44d8fdd6ea5394604f4ccb4bc169ca
72dd31f6e0e5591ff16a62eea25fdb348ebfaf86408b0009ff857bbdb925cb31
732e093b7af9eb20bbae0d854548911684db64a17d4b69f0e31b81a928adb359
739292727f596929d88ff012ea27ffae6d90411d788068303bb9dee554b62f3f
76067d937543acc269bf1a86fa218447c5654b493c42c8c3bdbde3ba9257b0e5
76be95cf10e2dc894e3960e5a50d616b9fd9b3a874fc0cfba65d43c3b94e83dd
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
7c4388144313c54e5663e0b67d081b450dd51031a5cca8a2fbf11a1df0380663
7cd06ebcc99017e3dac76cf98fb6bb6e987be09d24173d6dd9859852e88f82b7
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
8292e076c85520d9770a2739a10f142c0471931cf0107d528626fa9bc998a0d4
84e5902420c80249fae4e0c136ae1c78b9f977210e528d676a0cbd1f276a12e3
855735a62345bd8181c61f5cf427dd5ef9568b9d0d909d9168f2af835dd28e35
85e5961b6381291ee3f9e2928bd5c50e7db3636dcd3812ab6170cd0e06747f9d
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a68f733a4c556d63f4075e483fa51939f0a6de4675336226c1a15077ee92c71
8bc3da5b33cd26b6981332db2370e598f7eeb751ecfb7c67b7504b2d37956a12
8ee4b6a336e353ae9fdea9bbfb54913cfafaee61d2f744deeef8502aad01f1c7
8f139114bc9d6f02bac4f8db7962ebf7249d70cd72f7bc5516cc4bc3a0531c2f
8f6d71bd07bd89a8790b1ddfd9b59696c6b6adc258038b480727d1e95cbcb791
902cb088f0d97108454cf74c499a2b77c17019a7f3fa0164cbff419771c1435a
906917064249257d133929d88cd256cc0f0a85bfebea2ffe13ee28e749dc2230
92b19b5113efbbaf8335fe55e8aff7d74a625a2964ff63f55593100e30bd3a0b
92f1c3973f0fdeed0f764028a1415b11372c3ce61d8c08bdcebde53d66f93cff
96e389bc7e931917946bab3b7f6cb92a9949b7c13386c458f032b53602b0b69a
9755be0c168d11892adcf65aaa09cd3c671a262d4512e393bf542730a6a38aa8
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
9bc87e8ad9a1ff327cda2832b011e74ea1a9d3329d8073be9bcd162cc1e858ee
9d982a6679a78666367a93383469b8105b19dc1bd1489a94f73357590e8d81bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a55186a61047e6e0873c26d6256331f3fdbefe4d5b669dc678876aa6963d01f8
a572b69703d0e535fce95bd0040ef9a1b853422e566476b9f9feefc271c64de5
a652d0e0a55a12ab819d2fd546e57671dfa60413f0414e0d906f14af9d339121
a6e7afc11240946a02dfb818cac387effbd51da68303c31c278597f8610782d5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84d93033cfb20c017fcdb465504883f68f8cddef078b205b04b0cd73f0d8405
a96f14050e7aa247f75fa61e33a4920fd79744cb39929750a1ac7c9eff0c0e98
ab0776532b7dcde5b81aa4ee4f1ec961705f0b3a336f85827c2fb5f6342aa3c8
ac7f72d6819d5345b2eeeb0bfd43cdb65e84fcc30ac42d5792bc96d21a188b7f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b226b7baf999aa15afd3d662cb87e6fe7cd2b9beaee999b02421370642f8ce32
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b822027e302833893540cfbb889a264a38cdc2dae1bb3fd69b2ac77c6d9731e4
b884d92a693c2e1689e630dad72d23cb3775d4d9abc1c591f0a9439fa4b0d24f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf8fc5822554bde5b9a50bacee52f9e403200488ca0a995624e208a04267ee0c
bffc52e4169b20304573746cfa49a47bc01cd3f4411a331a1a389260a26747a3
c05f4e77155f14dd740a09a7414f1be64776ae5c0c9ebb99261237ca39f0bd78
c0f68a9595fd8ff81f5a765be4da5aa5ce13cbbb8d5f40e25a270bd86978c35b
c6f6d25594bb36ece49a086f833453906f388a3aec9a2e8568ba183807fc390b
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cef70c0ea5d079d130f2d7b33e0f85a3d15ab278d5dd2b5be2f31eb3a28d4731
d12b1b045cd56b5331058e7206493681cf4e4ba0cdfc8a9414f7b0f9cd8fe7ce
d27d1d5cebe4f2f1f96e3ac4bc7e70c9304eb9064b0683524d4b182411e092d9
d297edda9cc0ac8d1ea9ae162e30430673ac07b4d8a536051b27ab2d96037c27
d3e4c87818d1d4b85d8c255e51aa048808fc40b6583991cdaa9636fa25b581e4
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4229c13df78b26b4f3bc63f75538c7de6781496432695f852823fc4c00f32ee
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7cb15674371519528936052f2105a288e9c37da137e514919b2a2b9f7cb4bff
d84628fdcbd80df1ec891a2d39af7837c748eaa2d7369fedd3e39cb902b04573
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
ded6a344cab6b04f35d5974166b765ea329aa309368373d916658c000e2e1cef
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69770edeb08f5433f1837a66c5a0e5095476d3d08a2d05ab9154a79df026b40
e77fe73d8650787c341220c14f16b4524b641fad87535ecbd450166dedb0f9a1
e7f1221205371bc4a07c46ca87b14bf621ec2a0873641d4acdde22c39edadfe8
e8594789a17e9bf0e37bcef8d25f4ac8f78d92ee5c2c630e1e22147f2eba83d9
e8dcc8dd399a0ee4d0aa4e532a3538028c007182df71143ce6840757a5d63b46
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed5de26e000ce68355e8de722c4bbd66964bc12b021001521b1fa2b42ea27c78
edd1f7284a930d372603c97b394f201f29bcde7877f7739530182219a06a8d09
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0136aad6c7311d404432d6a0ade2412a0c3ec17d37a0495ec5d811e2681e297
f437983f1cae20e921d0affac3a73d80d1ea8b92578f38144e06f50d42eb13d6
f6d70034fb0a6b080d0c28b6b9705fdd8cda03fb0fdd08f3a108ab407beb6f3f
f74f09e9fd96d0445dcd5c4ebf50055bd5d782f5ad346174a7d4f389adca17c6
f7a89d8edb260b58ede989d3b499765be906f60509dfce9ed08e9f9f4408036a
f7cf5be6c1bc7fa991a24dd34dcbe8ea2fd1e6beffd703750ec728a58da32e99
fb27066048d81b2fe2b7f51021334decc0d5c8229331d981f5fb38e21fe01b7f
fb6b06bb210b7da274a733722c2138fd72c508ab16837c0806c04fd576b40ed3
fe4f915ffcb03078459bc08bceb07b6a3158278caa6f4a86c1a01aa229e05e7a