urlscan.io logo urlscan.io
SecurityTrails logo

romsfun.com Open in urlscan Pro
172.67.75.236  Public Scan

Go To Rescan Add Verdict Report
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Submission: On March 04 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 157 HTTP transactions. The main IP is 172.67.75.236, located in United States and belongs to CLOUDFLARENET, US. The main domain is romsfun.com. The Cisco Umbrella rank of the primary domain is 604164.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2024. Valid for: 3 months.
This is the only time romsfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 172.67.75.236 13335 (CLOUDFLAR...)
2 142.250.80.104 15169 (GOOGLE)
37 142.251.40.130 15169 (GOOGLE)
1 173.0.146.24 7979 (SERVERS-COM)
4 157.90.33.68 24940 (HETZNER-AS)
3 142.251.40.238 15169 (GOOGLE)
4 17 142.250.65.226 15169 (GOOGLE)
6 142.250.80.67 15169 (GOOGLE)
3 142.250.176.202 15169 (GOOGLE)
30 142.250.72.97 15169 (GOOGLE)
1 142.251.40.163 15169 (GOOGLE)
1 2 142.251.41.4 15169 (GOOGLE)
2 142.251.32.98 15169 (GOOGLE)
11 142.250.64.78 15169 (GOOGLE)
4 142.250.80.66 15169 (GOOGLE)
4 142.251.40.230 15169 (GOOGLE)
10 142.251.35.166 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
3 4 68.67.161.182 29990 (ASN-APPNEX)
4 142.250.80.98 15169 (GOOGLE)
157 21
19    172.67.75.236 (United States)

ASN13335 (CLOUDFLARENET, US)
romsfun.com
2    142.250.80.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f8.1e100.net
www.googletagmanager.com
37    142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
pagead2.googlesyndication.com
1    173.0.146.24 (United States)

ASN7979 (SERVERS-COM, US)
gk.achatecogida.com
4    157.90.33.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub1.1push.io
push-sdk.com
uidsync.net
3    142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net
www.google-analytics.com
17    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
6    142.250.80.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f3.1e100.net
www.gstatic.com
3    142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net
fonts.googleapis.com
30    142.250.72.97 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f1.1e100.net
tpc.googlesyndication.com
1    142.251.40.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net
fonts.gstatic.com
2    142.251.41.4 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net
www.google.com
2    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
www.googleadservices.com
11    142.250.64.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f14.1e100.net
fundingchoicesmessages.google.com
4    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
www.googletagservices.com
4    142.251.40.230 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net
ad.doubleclick.net
10    142.251.35.166 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f6.1e100.net
s0.2mdn.net
4    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    68.67.161.182 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
1 MB
25 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
ad.doubleclick.net — Cisco Umbrella Rank: 158
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562
229 KB
19 romsfun.com
romsfun.com — Cisco Umbrella Rank: 604164
384 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
71 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 321
435 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
73 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 256
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 316
63 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 124
2 uidsync.net
uidsync.net — Cisco Umbrella Rank: 51980
706 B
2 push-sdk.com
push-sdk.com — Cisco Umbrella Rank: 48863
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
153 KB
1 achatecogida.com
gk.achatecogida.com
1 KB
157 16
Domain Requested by
37 pagead2.googlesyndication.com romsfun.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
s0.2mdn.net
30 tpc.googlesyndication.com googleads.g.doubleclick.net
romsfun.com
tpc.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
19 romsfun.com 1 redirects romsfun.com
13 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
romsfun.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 s0.2mdn.net googleads.g.doubleclick.net
ad.doubleclick.net
s0.2mdn.net
6 www.gstatic.com googleads.g.doubleclick.net
romsfun.com
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 ad.doubleclick.net romsfun.com
www.googletagservices.com
4 www.googletagservices.com romsfun.com
www.googletagservices.com
3 fonts.googleapis.com googleads.g.doubleclick.net
romsfun.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googleadservices.com romsfun.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 uidsync.net push-sdk.com
2 push-sdk.com romsfun.com
push-sdk.com
2 www.googletagmanager.com romsfun.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 gk.achatecogida.com romsfun.com
157 22

This site contains links to these domains. Also see Links.

Domain
modder.me
liteapks.com
Subject Issuer Validity Valid
romsfun.com
GTS CA 1P5		 2024-02-22 -
2024-05-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
gk.achatecogida.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
push-sdk.com
R3		 2024-02-15 -
2024-05-15		 3 months crt.sh
uidsync.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-30 -
2025-01-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 25 frames:

Primary Page: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Frame ID: 7B0879153C282149868D0A8B910102EA
Requests: 43 HTTP requests in this frame

Frame: https://romsfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: BF55ADF9557C45A046811F1B5570B216
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 967A06C0CE1758FA49BDFF41D3128300
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&adk=1812271804&adf=3025194257&lmt=1709475918&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995216&bpp=3&bdt=744&idt=327&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4229961217723&frm=20&pv=2&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=349
Frame ID: D8C8855CD8979592504E74149A20199D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Frame ID: A700D519DFAAFAADF365CD7C5B605221
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D78397988D116C8E54B27762461C2875
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Frame ID: A074FC09314A3722E03EF96363DB193C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 7BB182B46514DDA2A6E9DE178E08D010
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: F2FD7FBD6B08FAEE932EE2868D04681B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: D29EA82D04A25303BE9F3AE1B00DD7A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 3201DEABCF4D0307170421A49F280EA9
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: BE0C1377A112401E71F02104E420535B
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: AA4A01656AE9633E015AFB8A34BC5C3A
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 437547F66182693CCD55D47A615F0121
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Frame ID: 72D1AB7308F579D34AE0A778CA38D8FF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Frame ID: BEF2798B50BACC510411C9CAFEA5E9F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2A9811AA23355DEF720B92164ECB7473
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Frame ID: 8FF58C3378920AFA0F9C01DD25C85634
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Frame ID: 0E0E6DF7C0DA34560667F7B3E6342ABA
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 089BCA24925DB533776F55E11249EFEC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 243502D86A8E44B5CBF432AF67D2D065
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Frame ID: C0A31308108CD174233CFD06294F66BE
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Frame ID: 786BF9CA906DDAAF0615ED4260FA3174
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 599DB34756CBD275E92FF744E5C4B2F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D1EB240C36D0A3AB6123BDD58CC5969
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download The Legend of Zelda: Majora’s Mask 3D ROM & CIA - Nintendo 3DS Game

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

157
Requests

96 %
HTTPS

0 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

2560 kB
Transfer

6740 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://romsfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Request Chain 44
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CS8RS--_lZbv8JaGTzLUP8MGL2AapifTvdePT54SoEpD6xtSRDhABIKLskiZg_aCZgegDoAHS_peZA8gBAagDAcgDywSqBP0BT9BQKHyTYfyXJ-NYXvf-bzik7lEnp2-zOxCjt5-tI1yGlSlarOe31z_TnrOAZ5U0EZEB3b1enuFiPdw7qd5PKN5b4lZ0Y4gyEBwQJDRP-Evc4_N7t88Sgr4dK52orPX49UOU_lWtewzWJp_CDKnjLoIgUprPYjZn1X-Ui1dIBo41HnbvfvZ1wSqjQS8Oa-LKU_WD_1H-cZfBXnApjQQEeiTPmj9UlU9Tg5HlCMnG1932W115jpv5QayGgv2TvOkNuRU8IFh1sCUJuPWZNxMos3pRYZd5JkA65JxaELV2X0L8FMI-mgli_JAetLuS4joqfez3C9CsTjkt41iOncAEnLiF4swEiAXY76zsTZIFBAgEGAGSBQQIBRgEgAeWgehmqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQhq1B0ggkCIBhEAEYHzICigI6CYBAgMCAgICAKEi9_cE6WPjK5Ij92oQDmgkpaHR0cHM6Ly9wY2FwcC5zdG9yZS8_YXA9YWR3JmFzPWdfcG1fY2FfaW6ACgHICwHaDBAKChDwwPLe1NrtjScSAgED2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU5MTg5NzM5MTEzNjg3ODQYAA&sigh=_HWRFXNM0No&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqelidB7-vEBzzkJt-Pci4XUaGWCC1SiCt05AK28squEti_L_kKuRkmgKQBUZgKfN3dEdSWJAOlHuw8XiURK6aMf416bu4QgrpVgoYAQ&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x76a60b1746170b60000000000000000%22,%222%22:%220x52377a90c9f2dd080000000000000000%22,%223%22:%220xc484eafb4679eceb0000000000000000%22,%224%22:%220x8f9b4fa3029633780000000000000000%22,%225%22:%220xd6d45b3abb5019d20000000000000000%22},%22debug_key%22:%2212911641542237229715%22,%22debug_reporting%22:true,%22destination%22:%22https://pcapp.store%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22858128210%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212394342477184375505%22}&andc=true
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
Request Chain 96
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeXv-dHM6EcAAC03ACqCQgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEICNONa3dACLtoBD7c2ZUIk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEICNONa3dACLtoBD7c2ZUIk%26google_cver%3D1
Request Chain 98
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTM0MDczMTQzNDk1MDE1Mw%3D%3D

157 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request the-legend-of-zelda-majoras-mask-3d-42754
romsfun.com/download/ 		44 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f98c98f1008b44be34b5c0b21e8e6c5fcb6fc8ea64f181a61909315f81a698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
85f3137bcb9b54d3-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 15:59:54 GMT
last-modified
Sun, 03 Mar 2024 14:25:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSgtLybYXXf6iNMLCcf0xZN87roGLLlJ8iJc1pLAtFhujewP%2BFOskpruUv2tPMoM6YFXw6pwmEV7KKzTcgwFC4ffYhnqHMQ7IcJlujHV0E8TBRV4giqXqeRr6Zoj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
romsfun.com/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-includes/css/dist/block-library/style.css?ver=6.2.4
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
411892
cf-polished
origSize=104503
pragma
public
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 19:28:40 GMT
server
cloudflare
etag
W/"6425e2e8-19837"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B9N%2Fd3h%2FAPX%2Bg3YcWLiyH%2BDw4J0bKq2L8matLkNPhMIKnPIQGozmauSBZT3obo5ghvpXilPmJHCaDq2kIHlgNIjHJabfJbU%2FCd9TjsCAlabfowRL4403YYx1Obl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d7e1f54d3-YYZ
expires
Fri, 29 Mar 2024 21:35:02 GMT
classic-themes.css
romsfun.com/wp-includes/css/ 		257 B
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-includes/css/classic-themes.css?ver=6.2.4
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425244
cf-polished
origSize=729
pragma
public
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 19:28:40 GMT
server
cloudflare
etag
W/"6425e2e8-2d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4Jhu3CaR%2BoPwH3p868xNcUB9kQiBroY6qsqQ5NvU2W%2BTargObFr2qU0cRV17pgU11jn2F8uUhofy2cHe8kkUHITUlnuUdqqg6jzzkFq1oeY6Mf9B%2FsML%2BvaU5Y6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2254d3-YYZ
expires
Fri, 29 Mar 2024 17:52:30 GMT
bootstrap.min.css
romsfun.com/wp-content/themes/romsfun/css/ 		165 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-content/themes/romsfun/css/bootstrap.min.css?ver=1.5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1af6f48ed850aaf28e93595d93ad9a1df6a8ca49b312b949295acd356a87c42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 06:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
425244
etag
W/"65570e84-2953d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C699k8kW0a4MKBi4sePJbF70cYbpGeBUXG1g5elWr2CXw7Meg4MladNBT%2Fil7PSHpjsCn%2FNlaXVauFmSl2xQmCauZtelGa4HvCWJVjDxCBqiMToRqkP%2BJzZOs%2Bpg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2354d3-YYZ
expires
Fri, 29 Mar 2024 17:52:30 GMT
style.css
romsfun.com/wp-content/themes/romsfun/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-content/themes/romsfun/style.css?ver=1.5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6c3ad3689ef34118c6bedae55c05d8f8b60ab6d8fbcb476d514d66ae7dd0f6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
411892
cf-polished
origSize=20512
pragma
public
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 16:57:41 GMT
server
cloudflare
etag
W/"65846e85-5020"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgW9uKjYHzXnP3iCfcgTubLs%2FTHwAI5WV9IDI2UFx9s5a62uLwqOqoZTfEzybHTi4skHYDxnSJ5YlVUcuJjYHkNUta1yU9rv53PzenCjtoPKdCgx%2FGpXzxvQz3ba"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2554d3-YYZ
expires
Fri, 29 Mar 2024 21:35:02 GMT
jquery.js
romsfun.com/wp-includes/js/jquery/ 		142 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-includes/js/jquery/jquery.js?ver=3.6.4
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416344
cf-polished
origSize=292478
pragma
public
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 19:28:40 GMT
server
cloudflare
etag
W/"6425e2e8-4767e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5qgLMwpUUWKzIrXeK9It3joMGr%2FRRuRL51lT69kW2faFVihIlt0eo4tN8aHKD%2FE6sQuhih0xEHxQmQVQBnmWPi22aioCkR6Y8D1vTyA4cJBLqzIU2qL%2F3RStbyv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2654d3-YYZ
expires
Fri, 29 Mar 2024 20:20:50 GMT
jquery-migrate.js
romsfun.com/wp-includes/js/jquery/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425242
cf-polished
origSize=30789
pragma
public
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 19:28:40 GMT
server
cloudflare
etag
W/"6425e2e8-7845"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJRjX2d9drwv3CxeDOuHmug%2F0zV9dvNVdAsfWc5XEl%2FRdeuLlUBXMxVke3SqPIuSBnrzhu0JOIjfTFpY9vEhy45ZuTR3J0GE02CtUPg2gZ2N%2F0sPDSOJdw1KFvY2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2754d3-YYZ
expires
Fri, 29 Mar 2024 17:52:32 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89527130-9
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
00635c82556b38d46a22746a0272d0ef191d0ff6e5bdf7280105d347aecd0e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71784
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Mar 2024 15:59:55 GMT
LOGO.png
romsfun.com/wp-content/uploads/2023/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2023/08/LOGO.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae41cf3d75e4cf8eaf59c856e80f2d65ac0cbc0f3bbf1534ce865dce64309d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337260
cf-polished
origFmt=png, origSize=3353
content-disposition
inline; filename="LOGO.webp"
content-length
1694
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Fri, 25 Aug 2023 20:00:32 GMT
server
cloudflare
etag
"64e90860-d19"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQSQym0gcsuHECc2rljsyiU1JpiWUM%2F9T3fd3FV2nttKyt4b0C%2BkNnjwlWPxz8w3Xfk9HjKckJiM7qKvvio0uqXBjZF51pEW9uijKQfMFhsBColrTNOXb3gRAFDl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f3137d8e2854d3-YYZ
expires
Sat, 30 Mar 2024 18:18:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
651ff70440e19a171c75ca856fc4e1d315627988af6129748b36c07ddbe85cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Origin
https://romsfun.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51399
x-xss-protection
0
server
cafe
etag
5699445915780664984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 04 Mar 2024 15:59:55 GMT
44075
gk.achatecogida.com/rgZ98uRjWork/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gk.achatecogida.com/rgZ98uRjWork/44075
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.0.146.24 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 15:59:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://romsfun.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
bootstrap.min.js
romsfun.com/wp-content/themes/romsfun/js/ 		162 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a090a9b8bbb0f86926f094f4f1543ba2a48b776baff36d6429f8a9639d741a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 06:56:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
425242
etag
W/"65570e84-289d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZtT2bL6GvArMXofQwv1ifOza5j5e2u0AKGbdkdMDUyCMWWKUIcDtYrX%2B2NRUAZLMIGp%2FiS4epWopvZ5aqxBTUwd2tmFVsRWGMk%2FsHgEd2Pk9h5ZoRAe%2FEh0MHT7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f3137d8e2a54d3-YYZ
expires
Fri, 29 Mar 2024 17:52:32 GMT
site.js
romsfun.com/wp-content/themes/romsfun/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/wp-content/themes/romsfun/js/site.js?ver=1.5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3f5004d73e0fd91f6ec8bd3e9017a3ac49774c7af908da74daac5afe57cf3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
419766
cf-polished
origSize=9269
pragma
public
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 06:56:04 GMT
server
cloudflare
etag
W/"65570e84-2435"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDFBb2tZ86JjIC6tTHuMSwdIyDTz1S37flOKYEL5Y4P3nbzpYnwzZmT43k1aDcodTuLDoWlMShw0EOuJszO9SlEDwBY5mThqhuQK8L%2B8YIGKs%2BSCKIxQEoO649hM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
85f313807a8154d3-YYZ
expires
Fri, 29 Mar 2024 19:23:48 GMT
sdk.js
push-sdk.com/f/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://push-sdk.com/f/sdk.js?z=989323
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
nginx /
Resource Hash
00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
nginx
content-length
14884
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
Super-Monkey-Ball-3D-3ds-300x267.jpg
romsfun.com/wp-content/uploads/2019/11/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2019/11/Super-Monkey-Ball-3D-3ds-300x267.jpg
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1adbcaf7611325f71a5bd92543481e92fe997668280786bdeacadff5cff44b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
424815
cf-polished
origSize=26146, status=webp_bigger
content-length
26138
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Oct 2021 19:56:25 GMT
server
cloudflare
etag
"617da369-6622"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB%2Fc0xhyDBSh3INfRCOh0sP%2FB91GoCIgQWsDrNj7qZ4%2BmiHHRFm73A6X1L30EMHrdS%2FKjlOVxMve9jqnxZKZ2wVlUH8mmPQLB3cR7Or8zdQXQFf4y9nPUd3yVUx9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db4054d3-YYZ
expires
Fri, 29 Mar 2024 17:59:40 GMT
A-DC-Comics-Adventure-3ds-300x266.png
romsfun.com/wp-content/uploads/2019/11/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2019/11/A-DC-Comics-Adventure-3ds-300x266.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1d44cdd22a100613e81b5f3d0cb5ab21376e199b4948e7a9c470c8a5b9f55b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405822
cf-polished
origFmt=png, origSize=44893
content-disposition
inline; filename="A-DC-Comics-Adventure-3ds-300x266.webp"
content-length
42358
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Oct 2021 19:58:01 GMT
server
cloudflare
etag
"617da3c9-af5d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFSOUnyNbExUezk8F3VOedkECfVm7lAgf5uB7fSa9W2pjnZ63Ji7xadTBwhXiaHLSZEKovHiU99qkoDRpc8ez1zulb1OC1%2Byi8kE%2B3KMlzK2kYONxpJGKZm3bYA4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db4954d3-YYZ
expires
Fri, 29 Mar 2024 23:16:13 GMT
uPeKrke-300x136.png
romsfun.com/wp-content/uploads/2023/10/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2023/10/uPeKrke-300x136.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e71ad1828d9a36e7280c7fdb551b1c21480db8ecab5b59d8619b8669e88cc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394954
cf-polished
origFmt=png, origSize=71742
content-disposition
inline; filename="uPeKrke-300x136.webp"
content-length
52326
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sun, 08 Oct 2023 08:49:21 GMT
server
cloudflare
etag
"65226d11-1183e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7FcPuIvvxksjlkgTayylnVqyasUfS7kt7mX00fMX%2FhwQKWdYh8bgcchPIMDORpe0uZNzlg8TvIsYlCRWmlWtRTKd0u3I8vwDQNyDykfLC%2BxVhs1sDE8kHNtPGQf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db4c54d3-YYZ
expires
Sat, 30 Mar 2024 02:17:21 GMT
Phoenix-Wright-Ace-Attorney-3ds-300x268.png
romsfun.com/wp-content/uploads/2019/11/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2019/11/Phoenix-Wright-Ace-Attorney-3ds-300x268.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e165f606257cb391e869a314341eeab48913b3f6871b8de063e15b6b169532f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337312
cf-polished
origFmt=png, origSize=36041
content-disposition
inline; filename="Phoenix-Wright-Ace-Attorney-3ds-300x268.webp"
content-length
33492
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Oct 2021 19:57:01 GMT
server
cloudflare
etag
"617da38d-8cc9"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALydg4qIc4dI8rmyEahcwt%2FYVpDVzqNwlTpDFV6ts%2BN4mMx85Ct2qcza8AxJ%2FXXqfhB0HXEKVbEY0vhi5UCpNRM6pje%2FhL8q03M7%2FjMl1FuLm6PVljfLCEefJpla"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db5054d3-YYZ
expires
Sat, 30 Mar 2024 18:18:02 GMT
Etrian-Odyssey-Untold-The-Millennium-Girl-300x257.png
romsfun.com/wp-content/uploads/2019/11/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2019/11/Etrian-Odyssey-Untold-The-Millennium-Girl-300x257.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8834e3ba46a17a042a0b7f58364b530cfa0b38f2808aa0fca17ef631d30bbf27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
411486
cf-polished
origFmt=png, origSize=35372
content-disposition
inline; filename="Etrian-Odyssey-Untold-The-Millennium-Girl-300x257.webp"
content-length
32266
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Oct 2021 19:46:16 GMT
server
cloudflare
etag
"617da108-8a2c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FqvqIh8vAX70HfiF6C3n2Ag%2Bai%2FHp%2FocwpgL1shL4d5pZb9px1FOgpsFGpt88y7y%2BedngMnMeRL56MVudWLliMceKfp2bTZnUE5RxaQEhpfIsArqEwbK47Ww4UT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db5154d3-YYZ
expires
Fri, 29 Mar 2024 21:41:49 GMT
The-Chase-Begins-3ds-300x262.png
romsfun.com/wp-content/uploads/2019/11/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://romsfun.com/wp-content/uploads/2019/11/The-Chase-Begins-3ds-300x262.png
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b09efb8aa9423a2c9a42ab7f266effd2129f532d8f491450f6fe00925403f38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
419680
cf-polished
origFmt=png, origSize=39283
content-disposition
inline; filename="The-Chase-Begins-3ds-300x262.webp"
content-length
36632
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Oct 2021 19:55:38 GMT
server
cloudflare
etag
"617da33a-9973"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFbzAiEjLZ4zqRAdTX984GVyg7qnsLBLsGtuj3dYo1tqr2QBzhO8Mk9HeQFLfDdYKNY2IcW11dtblv07ejmndH%2F688ilf5%2BZIIXSCjIa7nBqeVCWOgJIlx28agBy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
85f31380db5454d3-YYZ
expires
Fri, 29 Mar 2024 19:25:15 GMT
main.js
romsfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame BF55
Redirect Chain
  • https://romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://romsfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22223631ac9e8b247b66e291f629756905b2a44de2e8d9f83bb7d7d2b5f2ea0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bedJ8lOyz%2Bhh2fcx%2FOsGFu9glsegyPMlY0CfrYTR5tRYCydGt79jUccCrytf35h37djlBLr1AQQ4iYOP36Vl0CTvju5XSqyvwFFA3ga0nGOj2ApqqwaXEO8XzcdR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85f313813bbc54d3-YYZ

Redirect headers

date
Mon, 04 Mar 2024 15:59:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUIfWCAg9IgBTITxiNwCaRc418Mfrb2Mya6XR2kT1VcL%2Fy%2B7OpR2zt7bYbthtQciFX3j3UMIrWjMEyKzb79DXOe2cXlSg2Q0z%2Btq33reIty7JyYZTGOZSx%2BAzLDM"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
85f313811b9154d3-YYZ
85f3137bcb9b54d3
romsfun.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame BF55 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://romsfun.com/cdn-cgi/challenge-platform/h/g/jsd/r/85f3137bcb9b54d3
Requested by
Host: romsfun.com
URL: https://romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
85f31381ecbc54d3-YYZ
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weAp0AHdswRPg41phYNn9mp3Sw0gVmlo8WVgUOomT3ac%2FECeGJmpXXBpQ067mC%2Fre59pOwh6xJB4%2BYAAZw92yPBwgp0s5oSDDe34wg60T%2By3e%2Bu5ZPLwHxopGUeU"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89527130-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0d88cb482955b2ae3785845ff5ba79f03856a71bf96d956f5059ef4e3db9233c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84341
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Mar 2024 15:59:55 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89527130-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Mar 2024 14:06:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6792
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Mar 2024 16:06:43 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ee037d8a21e982c352a8f2687300d4cb90961fc846172c5b08885056f1cd4f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140894
x-xss-protection
0
server
cafe
etag
5470199961912560593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 15:59:55 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 967A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
43901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 03:48:14 GMT
etag
5035419970550746386
expires
Mon, 18 Mar 2024 03:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
168 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CXR95QZ9B0&gtm=45je42t1v9124653601za220&_p=1709567994975&gcd=13l3l3l3l1&npa=0&dma=0&cid=744576921.1709567995&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1709567995&sct=1&seg=0&dl=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&dt=Download%20The%20Legend%20of%20Zelda%3A%20Majora%E2%80%99s%20Mask%203D%20ROM%20%26%20CIA%20-%20Nintendo%203DS%20Game&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1150
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://romsfun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=665041169&t=pageview&_s=1&dl=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&ul=en-us&de=UTF-8&dt=Download%20The%20Legend%20of%20Zelda%3A%20Majora%E2%80%99s%20Mask%203D%20ROM%20%26%20CIA%20-%20Nintendo%203DS%20Game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=602561806&gjid=292654634&cid=744576921.1709567995&tid=UA-89527130-9&_gid=231556962.1709567995&_r=1&gtm=457e42t1za220&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1861307731
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://romsfun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D8C8 		487 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&adk=1812271804&adf=3025194257&lmt=1709475918&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995216&bpp=3&bdt=744&idt=327&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4229961217723&frm=20&pv=2&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
255737da99067f5c3514d77ef41da765f9e85d3028e50120d4670d3313023791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
105109
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
expires
Mon, 04 Mar 2024 15:59:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A700 		124 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
568b5754961df1a0f2a68406380b1fe28743aff85c6b3f76dabc0db1fcda1eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42778
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:56 GMT
expires
Mon, 04 Mar 2024 15:59:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
push-sdk.com/ 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://push-sdk.com/event?z=989323
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=989323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:56 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://romsfun.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/ 		62 B
706 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=MfSGjKyoe3DJDbSSCl3LU6
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=989323
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
nginx /
Resource Hash
2425d8b6d3ffef2aca4ab55e854b139244a0b812c57701baedd3c86929eb1252

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://romsfun.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=MfSGjKyoe3DJDbSSCl3LU6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://romsfun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://romsfun.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Mon, 04 Mar 2024 15:59:57 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
nginx
a557c05b701b7d3041e507ef957cdd82.js
www.gstatic.com/mysidia/ Frame A700 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3757
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:25:58 GMT
28ac136d23e320f0ea96c52bdea5c3fe.js
www.gstatic.com/mysidia/ Frame A700 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/28ac136d23e320f0ea96c52bdea5c3fe.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
837931d8e29264b164889ae52f00fb11c2d89404f45f97906e5c4e78bf7c3c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4621
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 18:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 28 May 2024 09:09:17 GMT
css
fonts.googleapis.com/ Frame A700 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 15:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:37:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 15:59:56 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A700 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
56083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Mar 2024 00:25:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame A700 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:06:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A700 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
79239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A700 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
69858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:35:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A700 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame A700 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:47:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D783 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:55:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A700 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2a10177a344db880402f7ac9cd365ec2fa664d0d97c93ef54048bccd54c6f70

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A700 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:51:34 GMT
x-content-type-options
nosniff
age
457703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 08:51:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D783
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
expires
Mon, 04 Mar 2024 15:59:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame A700
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CS8RS--_lZbv8JaGTzLUP8MGL2AapifTvdePT54SoEpD6xtSRDhABIKLskiZg_aCZgegDoAHS_peZA8gBAagDAcgDywSqBP0BT9BQKHyTYfyXJ-NYXvf-bzik7lEnp2-zOxCjt5-tI1yGlSl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x76a60b1746170b60000000000000000%22,%222%22:%220x52377a90c9f2dd080000000000000000%22,%223%22:%220xc484eaf...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x76a60b1746170b60000000000000000%22,%222%22:%220x52377a90c9f2dd080000000000000000%22,%223%22:%220xc484eafb4679eceb0000000000000000%22,%224%22:%220x8f9b4fa3029633780000000000000000%22,%225%22:%220xd6d45b3abb5019d20000000000000000%22},%22debug_key%22:%2212911641542237229715%22,%22debug_reporting%22:true,%22destination%22:%22https://pcapp.store%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22858128210%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212394342477184375505%22}&andc=true
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x76a60b1746170b60000000000000000","2":"0x52377a90c9f2dd080000000000000000","3":"0xc484eafb4679eceb0000000000000000","4":"0x8f9b4fa3029633780000000000000000","5":"0xd6d45b3abb5019d20000000000000000"},"debug_key":"12911641542237229715","debug_reporting":true,"destination":"https://pcapp.store","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["858128210"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"12394342477184375505"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:57 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 15:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x76a60b1746170b60000000000000000","2":"0x52377a90c9f2dd080000000000000000","3":"0xc484eafb4679eceb0000000000000000","4":"0x8f9b4fa3029633780000000000000000","5":"0xd6d45b3abb5019d20000000000000000"},"debug_key":"12911641542237229715","debug_reporting":true,"destination":"https://pcapp.store","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["858128210"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"12394342477184375505"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
pagead2.googlesyndication.com/bg/ Frame A074 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5918973911368784&output=html&h=280&slotname=2655373911&adk=168499534&adf=4188053725&pi=t.ma~as.2655373911&w=1110&fwrn=4&fwrnh=100&lmt=1709475918&rafmt=1&format=1110x280&url=https%3A%2F%2Fromsfun.com%2Fdownload%2Fthe-legend-of-zelda-majoras-mask-3d-42754&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709567995219&bpp=2&bdt=747&idt=359&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4229961217723&frm=20&pv=1&ga_vid=744576921.1709567995&ga_sid=1709567996&ga_hid=665041169&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95324161%2C95325784%2C95326437&oid=2&pvsid=113803897568305&tmod=721269319&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
457098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20143
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 09:01:39 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
987d560888d1353cea1a8efdd87913732c88b7cbb73942c197a44a8ef2aed320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57339
x-xss-protection
0
server
cafe
etag
3978960801793608647
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 15:59:57 GMT
ca-pub-5918973911368784
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5918973911368784?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
b21bf8cd38ab8e8369ecedc7f888bc80f669f167103740351d9a340e7d68a287
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7Giu_1almh8yhdWp8mkD8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-7Giu_1almh8yhdWp8mkD8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8ff-9PVsAiuuzpvNCAAIOi2m"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x76a60b1746170b60000000000000000%22,%222%22:%220x52377a90c9f2dd080000000000000000%22,%223%22:%220xc484eafb4679eceb0000000000000000%22,%224%22:%220x8f9b4fa3029633780000000000000000%22,%225%22:%220xd6d45b3abb5019d20000000000000000%22},%22debug_key%22:%2212911641542237229715%22,%22debug_reporting%22:true,%22destination%22:%22https://pcapp.store%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22858128210%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212394342477184375505%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 15:59:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 7BB1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
78177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 18:17:00 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 18:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame F2FD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
78177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 18:17:00 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 18:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame D29E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
78177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 18:17:00 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 18:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 3201 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
78177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 18:17:00 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 18:17:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWfjx9mNdf8MIAlpl6TxkqgD7d8j_n4a-3iwlk65ULr2tiUdlzJhkpKz_BZ10UDgAb5YTAhASNaGHi5WFAywbD1mbY8s2LauH01CDW75KcvgAPo1IaK2XPuorwTddW7-phTXtgwAw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWfjx9mNdf8MIAlpl6TxkqgD7d8j_n4a-3iwlk65ULr2tiUdlzJhkpKz_BZ10UDgAb5YTAhASNaGHi5WFAywbD1mbY8s2LauH01CDW75KcvgAPo1IaK2XPuorwTddW7-phTXtgwAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3OTk3LDQ0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yb21zZnVuLmNvbS9kb3dubG9hZC90aGUtbGVnZW5kLW9mLXplbGRhLW1ham9yYXMtbWFzay0zZC00Mjc1NCIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
a328289a559acfad426bad8d264671b79908da8b3d3b6ccdf1b5d589c52d0043
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b2W2OnWQgYDc8KeYIgJvjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-b2W2OnWQgYDc8KeYIgJvjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEw_H3_vT1bAIrdsx6yggAPpQy0Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 7BB1 		5 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 15:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:27:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 15:59:57 GMT
css
fonts.googleapis.com/ Frame BE0C 		6 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 15:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:27:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 15:59:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BE0C 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
56084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Mar 2024 00:25:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame BE0C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:06:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BE0C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
79240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BE0C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
69859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:35:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BE0C 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame BE0C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:47:55 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 7BB1 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6454
x-xss-protection
0
server
cafe
etag
7487576354850247333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:11:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BB1 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:33 GMT
x-content-type-options
nosniff
age
457104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Feb 2025 09:01:33 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BB1 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:30 GMT
x-content-type-options
nosniff
age
457107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Feb 2025 09:01:30 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 7BB1 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 22:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
63906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9093
x-xss-protection
0
server
cafe
etag
981128176822753981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 22:14:51 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame AA4A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Mar 2024 16:22:13 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AA4A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
dd31c0b46a521b86cf4e7987d86f0a32882f41398aed74e469a2f3ecb94cc92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
78451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14270
x-xss-protection
0
server
cafe
etag
943477232628213006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:12:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AA4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
79240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AA4A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
69859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:35:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AA4A 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame AA4A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:06:50 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 4375 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Mar 2024 16:22:13 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4375 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
dd31c0b46a521b86cf4e7987d86f0a32882f41398aed74e469a2f3ecb94cc92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
78451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14270
x-xss-protection
0
server
cafe
etag
943477232628213006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:12:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4375 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
79240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4375 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
69859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:35:38 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4375 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 4375 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:06:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 72D1 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 3201 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:43 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 3201 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
78998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:03:19 GMT
view
ad.doubleclick.net/pcs/ Frame 3201 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssW5zPZwwkpiukZx_Tf50usEElo3219azzYMjAD2EhEtF90Mj5QyNSYWJfXhBRUEhYvYnuRc4Na_TDHIKhgLt47b8Rv8SzVKZFvv1Ud_Yc-TM77jpLaqisYoQKuLVZYtLlnGEiyN0920n0WLudtNsJMkL9MSHZQE-PnzOLawWPXRH-KeznyovwTC87Kyl0Dj4WTsLkuzbrAfYyPVRa4CLjzv63EDv-x2sdpyZH96y7rJKwSniVjcB4NOlEuHAXlFIPsJn6OhZ4lGW4u_eTomOd57I0Uhnw81RoL1rhUm4FAazJpWnG8kR-ArRYTPDoKeq7oDuXhZvIUkaoUR39iKVFjntmUtxUQExoGV4H3qmBZ91D9p_Gi-pqj56f_XNT5G118JC0YxBgTWsP4jB9bn644zfFB3IhQvJan0EZc4gs1sEb-4hMFq4Kej8V6Z-UCsGZTL3X_scpxeCHw3_h_HbJZtNFvNTO4fMpIqnc95u_GeQs76OZFzrbDDSCAG0JCow4HHWvIlBIqNqsGkcQu1hQZJGaKx4hq6mAgNRDDf197Kyq3ey_pghUBtTcdXMnbsJtrRzLidg-5pKX4Pbm-praLHI_pHHgCOs8v9-Zzk_ofXRvryKrZGwsjpzAjMC1ritEZNbBunO55PMGeRFyYq45C3vqaiCHJIGNaQNgK0YrBY930f1PY3VvgvHOpfbCmv6pmlB7I30lgV--ZLnoPdHT6LQz3nVeAqdJzwIvr-klij13jPmMnPvNyMHXk86-MosrSeI6Cdod267MttMd_xidJ4f6OdAYXmpCkxsgxE1NllVgEMiD8ElWT-0-8wHyV_Ojl3iHd3dRBRyWQtragUfshLKq1KiWSpvZZ4oSTSSCyWGxtzMLh2XBqtazAbkY1J4AfKZjtDG5ygOvf5Xi2HJQw5W61pQV1vawFoLEVjeIbnw-4Cu4f_SEZSP07FAMesFTSsH6HMC60x-jzENJvbYmCh9wY5EBVahuqbdGtMmGKuiUuaNzM8n1eDR-t8TrdNilCFp7ZOb_58xG_RFglv3DrnToE3GZiuBOIdoyy9Xfljgb6DinCRtxnp1Kvaq0YP1TEXMH1h427eywsJiNzIeeFj7CPB4rdLzqRnsKKzEU3IuxYQXLQm4tbiIihbrBKcOa7dybSJ_II30BC76zF_I-eqD88zFAstlGIskXQd9rqqT9FrKx-Ln_e4eMV7feCgReHKO1EIEGseTxdoo-zqSuNFjDd02MrhvblfST1SBr4_hMDfYRcXwXlRRn97EdrAasievMJqlTriaUpIkLZMjSvBS7shPxwXrvVbFdHbPqPvm5gRlJMJKcSYMv_Y50&sai=AMfl-YS7X5b0ifNvc0pSv9l1r_D4RPFMLpGSG1cP7AiAguXtI-rBW2QbfJx2cKqWs1aYW8E-zcMPnTpCa2K1r17cF_q1N8Dm19Q7C7Us6U29tNxzhFyiZYk1gr5OzGbBnz0Iios3ejyyxKIyXGImc6yjWET3BUzSgJmcny_EfPDgWh-d3f9UBiJpKU7iUPGA514o9gUysVeYq5hjVqQg3r8j4Zaw4w-gLODH4HuLhUaqxRI6MzBlzBGN_ldYuuo3ztkd121A1Z-BNGZNQ1DbfGAzCwub3CVK086wmI1EeL8egJYUPDvk5Cvo6GJnqGSugcLR9buC0jNtrcC2VkddFe-beH3xVUeGDehw7tSwvN8S4kxyAWMQaRSv_CjokFD7-50T_Ey01Xarw4C8sCyq5mWX8g5RbvGMOVNwqurBWDaO5zNuYFdWe4yfcuiD7lxnWy1hEECxBs7GWQSqTUKisRkE-7MDHXs7MXyCBO-7i4cTFuEj9KsV-WhLZ6sQ_Jk8smeQ-c6G1Kor_9m_ng&sig=Cg0ArKJSzP8CetNsbDc4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXJxdWVkdXNvbGVpbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240228.74046&arae=0&ftch=1&adurl=
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 15:59:57 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Mar 2024 15:59:57 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3201 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 19:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
418622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 19:42:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 3201 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 17:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
79240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 17:59:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 3201 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 20:35:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
69859
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 20:35:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3201 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrmIChOFZSWXYAwAg-0kvzk7C13Eg_bo_EPcoGTd6w-VZ346GLvnW_kSHDyHqAHidCQJwEBL-uJXMqAjNefl4wOhtrvciY3ryibyHimEudHfxzSKU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3201 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
14041437713353707378
s0.2mdn.net/simgad/ Frame 3201 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14041437713353707378
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
dec7454d1171f978522747043fa76b38fc2426df7fdde8f8834da863a8a38767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Thu, 27 Feb 2025 09:05:41 GMT
date
Wed, 28 Feb 2024 09:05:41 GMT
x-content-type-options
nosniff
age
456856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67047
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 04:19:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
AGSKWxWGTWP-zf6IV7rd5i31uMVyJWqOaveOOL8fhtxASrfvyRrgixxFFJKbyLHKWWZaMl4aAzdMRzZ6rBgUgkhcKqwSv5EoxEd-G36lCIlHpDTzi6JnOvVwJwRb8r7bnXC2GayXCtvM_g==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGTWP-zf6IV7rd5i31uMVyJWqOaveOOL8fhtxASrfvyRrgixxFFJKbyLHKWWZaMl4aAzdMRzZ6rBgUgkhcKqwSv5EoxEd-G36lCIlHpDTzi6JnOvVwJwRb8r7bnXC2GayXCtvM_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3OTk3LDYwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcm9tc2Z1bi5jb20vZG93bmxvYWQvdGhlLWxlZ2VuZC1vZi16ZWxkYS1tYWpvcmFzLW1hc2stM2QtNDI3NTQiLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
7f4cf46b5503a47335ca25271b047f4610c4ded1e55e642c6097f470ecb2d25f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z4efPvGNwN2RSB2oDG6gxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-z4efPvGNwN2RSB2oDG6gxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw15BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEw_H3_vT1bAI7brzcyAQAQcIzIQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame AA4A 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 08:52:21 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame 4375 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 08:52:21 GMT
PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
pagead2.googlesyndication.com/bg/ Frame BEF2 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
457098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20143
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 09:01:39 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2A98 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
457655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 08:52:22 GMT
expires
Thu, 27 Feb 2025 08:52:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3201 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70efb94cb6b7661eb4ebf83b5f923107cfce203f9edc70e2716538dc26fb7cfc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 72D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mToJksO4f4ggzUyhq8J1it0hARui9UVshy7qAA%2B8%2BO0HC5nvsHhQBTnr0W4wtwiRzzCb3kobZE6%2FHutgYGYQI2MmER6f05fChaMIKzyt83PprIUJjAPqssZ0HNleG%2B4e8iHDMBaym%2FIXAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85f313924a5139ff-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 72D1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeXv-dHM6EcAAC03ACqCQgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkE2RvEOVyNDXjvbIMgHFE0kF1oWcuN2qf7AjeTYYGYJeUlB6SZp3E0yxjGBjYOahL0m7vVdiS1DXaont8UI0DHikpLAR61%2FzP8dY9oo7XBogOjTfcw%2BriXOTVb9wK35zYLgTgEx%2Bz8v9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85f3139318d354af-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANskxHhapoLBSLphOG3P5s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 72D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEICNONa3dACLtoBD7c2ZUIk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEICNONa3dACLtoBD7c2ZUIk%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEICNONa3dACLtoBD7c2ZUIk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Protocol
H2
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
an-x-request-uuid
f1a33e37-cb87-4e64-986b-c2d9b008c694
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.210; 86.48.15.210; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
an-x-request-uuid
f2433abc-28c1-44c8-8d5d-5093e93446a1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEICNONa3dACLtoBD7c2ZUIk%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.210; 86.48.15.210; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 72D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTM0MDczMTQzNDk1MDE1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTM0MDczMTQzNDk1MDE1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObZu_YDEKS-mI8EGMThv_cBMAE&v=APEucNVN1GhMIVZPZUPTEfPAXv6FY3o1IwSXpeIGaOO9oX4e9iuwl7GvBLs9yf_TUHVb_2Sd0nGM4zSBacngDLQitnf6k2pkpA
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:57 GMT
an-x-request-uuid
84d4d66e-88e9-4983-8d9f-405be850278b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTM0MDczMTQzNDk1MDE1Mw%3D%3D
x-proxy-origin
86.48.15.210; 86.48.15.210; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 3201 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssW5zPZwwkpiukZx_Tf50usEElo3219azzYMjAD2EhEtF90Mj5QyNSYWJfXhBRUEhYvYnuRc4Na_TDHIKhgLt47b8Rv8SzVKZFvv1Ud_Yc-TM77jpLaqisYoQKuLVZYtLlnGEiyN0920n0WLudtNsJMkL9MSHZQE-PnzOLawWPXRH-KeznyovwTC87Kyl0Dj4WTsLkuzbrAfYyPVRa4CLjzv63EDv-x2sdpyZH96y7rJKwSniVjcB4NOlEuHAXlFIPsJn6OhZ4lGW4u_eTomOd57I0Uhnw81RoL1rhUm4FAazJpWnG8kR-ArRYTPDoKeq7oDuXhZvIUkaoUR39iKVFjntmUtxUQExoGV4H3qmBZ91D9p_Gi-pqj56f_XNT5G118JC0YxBgTWsP4jB9bn644zfFB3IhQvJan0EZc4gs1sEb-4hMFq4Kej8V6Z-UCsGZTL3X_scpxeCHw3_h_HbJZtNFvNTO4fMpIqnc95u_GeQs76OZFzrbDDSCAG0JCow4HHWvIlBIqNqsGkcQu1hQZJGaKx4hq6mAgNRDDf197Kyq3ey_pghUBtTcdXMnbsJtrRzLidg-5pKX4Pbm-praLHI_pHHgCOs8v9-Zzk_ofXRvryKrZGwsjpzAjMC1ritEZNbBunO55PMGeRFyYq45C3vqaiCHJIGNaQNgK0YrBY930f1PY3VvgvHOpfbCmv6pmlB7I30lgV--ZLnoPdHT6LQz3nVeAqdJzwIvr-klij13jPmMnPvNyMHXk86-MosrSeI6Cdod267MttMd_xidJ4f6OdAYXmpCkxsgxE1NllVgEMiD8ElWT-0-8wHyV_Ojl3iHd3dRBRyWQtragUfshLKq1KiWSpvZZ4oSTSSCyWGxtzMLh2XBqtazAbkY1J4AfKZjtDG5ygOvf5Xi2HJQw5W61pQV1vawFoLEVjeIbnw-4Cu4f_SEZSP07FAMesFTSsH6HMC60x-jzENJvbYmCh9wY5EBVahuqbdGtMmGKuiUuaNzM8n1eDR-t8TrdNilCFp7ZOb_58xG_RFglv3DrnToE3GZiuBOIdoyy9Xfljgb6DinCRtxnp1Kvaq0YP1TEXMH1h427eywsJiNzIeeFj7CPB4rdLzqRnsKKzEU3IuxYQXLQm4tbiIihbrBKcOa7dybSJ_II30BC76zF_I-eqD88zFAstlGIskXQd9rqqT9FrKx-Ln_e4eMV7feCgReHKO1EIEGseTxdoo-zqSuNFjDd02MrhvblfST1SBr4_hMDfYRcXwXlRRn97EdrAasievMJqlTriaUpIkLZMjSvBS7shPxwXrvVbFdHbPqPvm5gRlJMJKcSYMv_Y50&sai=AMfl-YS7X5b0ifNvc0pSv9l1r_D4RPFMLpGSG1cP7AiAguXtI-rBW2QbfJx2cKqWs1aYW8E-zcMPnTpCa2K1r17cF_q1N8Dm19Q7C7Us6U29tNxzhFyiZYk1gr5OzGbBnz0Iios3ejyyxKIyXGImc6yjWET3BUzSgJmcny_EfPDgWh-d3f9UBiJpKU7iUPGA514o9gUysVeYq5hjVqQg3r8j4Zaw4w-gLODH4HuLhUaqxRI6MzBlzBGN_ldYuuo3ztkd121A1Z-BNGZNQ1DbfGAzCwub3CVK086wmI1EeL8egJYUPDvk5Cvo6GJnqGSugcLR9buC0jNtrcC2VkddFe-beH3xVUeGDehw7tSwvN8S4kxyAWMQaRSv_CjokFD7-50T_Ey01Xarw4C8sCyq5mWX8g5RbvGMOVNwqurBWDaO5zNuYFdWe4yfcuiD7lxnWy1hEECxBs7GWQSqTUKisRkE-7MDHXs7MXyCBO-7i4cTFuEj9KsV-WhLZ6sQ_Jk8smeQ-c6G1Kor_9m_ng&sig=Cg0ArKJSzP8CetNsbDc4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXJxdWVkdXNvbGVpbC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=158&vt=11&dtpt=156&dett=2&cstd=0&cisv=r20240228.74046&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:57 GMT
B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm...
ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/ Frame 8FF5 		67 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
98fb47012c1bacc5af93f6b68e9785c2808b61b31a8ee40c58f35c8365eac562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
32355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4s...
ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/ Frame 0E0E 		65 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
c7e68efbe79e4f09c49cf146c163a00a682db30768d9fdddf8541df32b41ad0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30977
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
pagead2.googlesyndication.com/bg/ Frame 2A98 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
457098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20143
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 09:01:39 GMT
527824573150379555
s0.2mdn.net/simgad/ Frame 0E0E 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/527824573150379555
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
7afdbd52941d8372e8adcdbf24e30da7ca63a7761d90c142772be71dc635c013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Thu, 27 Feb 2025 09:22:06 GMT
date
Wed, 28 Feb 2024 09:22:06 GMT
x-content-type-options
nosniff
age
455871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104081
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 23:15:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/xfa/ Frame 0E0E 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
78912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4124
x-xss-protection
0
server
cafe
etag
9042593224187393105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 0E0E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 16:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
86323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 16:01:14 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0E0E 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:59:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 8FF5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 16:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
86323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 16:01:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0E0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRJ3hpafDEwMkb35dYg24VcrXxA7PAvQN5OHeR10XLagBbblQt8wgPT895GTAm7ggvEnuitB0lxnxrpgqjpZQ0k5kz8N8DMix4ppRLvMmAutgF75bMLG6NjI3tTartN0ch8ueYBNX2w322M6foggkaBcVvwyb9EHg3LEM7JScnFhfaPUbL5JQ&sai=AMfl-YR72nYQ_eXQz3qo6dyJK3MPjOuh4Eo2pi-maabE5plGc8KFQsKGSekE6NfxHjymD9vaup2_6a0Ni1Jqw0PA9McNPFXmqxn6XsGQsw&sig=Cg0ArKJSzG4RlECBF2DREAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20240228.88745&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:58 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0E0E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 19:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
418622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 19:42:55 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8FF5 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Mar 2024 15:17:28 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8FF5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 19:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
418623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 19:42:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0E0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRJ3hpafDEwMkb35dYg24VcrXxA7PAvQN5OHeR10XLagBbblQt8wgPT895GTAm7ggvEnuitB0lxnxrpgqjpZQ0k5kz8N8DMix4ppRLvMmAutgF75bMLG6NjI3tTartN0ch8ueYBNX2w322M6foggkaBcVvwyb9EHg3LEM7JScnFhfaPUbL5JQ&sai=AMfl-YR72nYQ_eXQz3qo6dyJK3MPjOuh4Eo2pi-maabE5plGc8KFQsKGSekE6NfxHjymD9vaup2_6a0Ni1Jqw0PA9McNPFXmqxn6XsGQsw&sig=Cg0ArKJSzG4RlECBF2DREAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=34&vt=11&dtpt=32&dett=2&cstd=1&cisv=r20240228.88745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;sz=160x600;u_sd=1;gdpr=0;dc_adk=3748940717;ord=iglhar;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCLn8M--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if8swcCTIt9OP8JwHabRPVzKNZpFmRKHmQg4YqaXSUl3cUJUXR2imfVGiLpyxMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBEKCxDAxoC2ruPW0I0BEgIBA6oNAkNByA0B2BMD0BUB-BYBgBcB%26ase%3D2%26gclid%3DEAIaIQobChMIhpDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgLv4fD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_0UX9VWj57DxqNZWAsRCay9Unu4Ow%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=190;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0E0E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
07374cf80c59be8012c9b2044f1dd7d66cc6fb1a1a7d9f1f458b8a6d4d378a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5998
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 089B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
457656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 08:52:22 GMT
expires
Thu, 27 Feb 2025 08:52:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2435 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
457656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 08:52:22 GMT
expires
Thu, 27 Feb 2025 08:52:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A98 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCLKw--_lZcemJcvAzLUP7Pm3WAAAAAA4AeAEAg&bg=!zc6lzoHNAAaCCwxOogs7ADQBe5WfOFbUK-WWVD0CRXBCoA-nESBX16v-7YOLRjGPzBHzct4IlVYJScz_cyaqIFgVcl0GAgAAAIxSAAAAA2gBB5kC3aPP330h3ANJkk2V4yKNEC2NhywB7GUKnPqUQMzE9EgLDbKf3rtxuNzt2hyQB62mQ25X0E4uL4e-h9zBlHzsgFWb4AHLnsQcZ5vtLNGXS1UNyRYumIQWe_XRzolbX9K2-WrOf4qV1oFRcH-lYAYjW2t0uZsOKIEpGTKGAhXoT4cCUcqybl6W79quMPjtWaVsqd8bRJ2OzE7mvmUuHH0Neph56FRmZEmuA_8VEE_iW1ajMRbYb-GfZutpC1g4_XzfUQOUiOTROkvxt7GZaABAfvqf49n8LBg8ETA6Cuatl1_wVOjrjLTfGb0PV8NWojCkUk03FFhfDKXzXplmXqcPEeTY3lhPvRPvhH3ayENmP7c2tfjxyGZTn196OboAw-fAtyEiJpPBI4Dg0stmF7iS2afcBmMlGU1KX1nYuqh2AvwMjfRGiScKctj03ryTvR-ouOuAIiVEMIT5LTN34Jyszx1h5WX386IzklGSQ_Wel-fisWlCK8hL30PnuZ6Hy5PUqB93vndKF-83ZTMKlq5FpIwQh04qaiHgkQiZX_RtI9u9msRPsuoVJ61xHVON9JTQ7k5XZ6gXxecwg9FOYahOXNloG-Q9mgZyzfTgOTpKnh74kellhJePpUVVcQCzywg6MZJr04DvJGvUd-A3WMpdLHPdeAkXOA7cVZ2yHttssKqYnRpz0BfEEEy163VdeJVTjIc4FSXXzSpOVW7IYRM6CWJ6rAwHnslfepfcCDeYM-6vHB5kdOexbX3uxgHp-kx815UnNfxLjzmVWrIS18HzrRo5nJymmkUPOmRETKHTa13kWStzC_pYyeObS24MmIKDMFO5Gi47f8qeb71Qwi72YBRNpmtZFjJN5SY-QBUdUNJm1cYABXRUsDO5sFbkMRTpT8597bLlkINpN0VLH_x2YT-nmEY3qx7VASyWnJyh7cR7PFo_UxlEj5tmV4_82giXL4yOsSDTTHvJtMC_lxE
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8FF5 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:57:12 GMT
index.html
s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/ Frame C0A3 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
0da56d0df6af73d3e5f7e5fc7bb21364391b3cec88ae36e6fd3b5565098c91b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
454257
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2711
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 09:49:01 GMT
expires
Thu, 27 Feb 2025 09:49:01 GMT
last-modified
Fri, 22 Sep 2023 01:41:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8FF5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqFkTigSU68vIOUQPOAZoAHn7BXIFFLgHsi_5JYCzNr7qtMYKEfRz2_oPQyiggaZm8eLsTxMd9xkCBR7fRI6fUGhW56L54mCrGGMqgR7J1gwszK76GIK2dWWKEulbMZnu8g1PcPfMvSNW2ie5WN1fbS-Eu2qFUJQamEM8J7I9wnbmORI9RCv0&sai=AMfl-YRi1cDkGk-CYx43wRFUWP2i80Dv-bOXSgArDOhYe-0TWojMOnD2EzT08DUBXqjWzPdB2LO_Dvrlw_z301G1WJmmwUm3qqd5NPYINw&sig=Cg0ArKJSzCwq7RHBL4G2EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=129&cisv=r20240228.91585&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:58 GMT
PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
pagead2.googlesyndication.com/bg/ Frame 089B 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
457099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20143
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 09:01:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0E0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 15:59:58 GMT
truncated
/ Frame 4375 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd98b41a3c9e00b73c4c2d6a47a24d8a502a74914c4d3cc6c5c6cddb93d13f80

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 4375 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Clmqr--_lZcamJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIACT9BEeDwQcYWhgzE8coVLzw0wz-0qHWdHPl6adlKolakp0dR3mEhfdfaRLWlJF07s2ITYT6IH9A3UUvQz3NReiuWgkLkJDAUvbB9EMXAqETkliWoN6Pe4Zq051enatiC8-SSMnggM1zq6LQZcemFcEMjaJQfeDbk-0LlDj_4yLGjQpF0GYuR8wG9nEB9BwsL5cBS4C5sA-Gt4Pq423Zmw97vpwTwMSfNoRSWxkI-avbqdCeuF4goeSbASUpxfeNGq_fBPVIf0OXHVi2uG23zoGGc793I0if9uw-EBo1TwNnnOThExPt8Ca7xPHRupgdGYmqUUi5NYXVrX87urIsvX5sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEKzRBNIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOlia6-OI_dqEA4AKAcgLAdoMEQoLEMDGgLau49bQjQESAgED2BMD0BUBgBcBshccChoIABIUcHViLTU5MTg5NzM5MTEzNjg3ODQYAA&sigh=nbs5xCAq53w&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ&cbvp=2&vis=1&nis=5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C0A3 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Mar 2024 15:59:58 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C0A3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Mar 2024 15:59:58 GMT
plugins.js
s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/js/ Frame C0A3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/js/plugins.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
5d1cdaa424c535df8806e191a90a42bdc795a237d6378664607fcef4eb98a10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Thu, 27 Feb 2025 09:49:01 GMT
date
Wed, 28 Feb 2024 09:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3044
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 01:41:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
pagead2.googlesyndication.com/bg/ Frame 2435 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PqY_9iAK8zwuMzYHVDb4tAF4sE-3t3hJJS7Vveb5xaA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:01:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
457099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20143
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 09:01:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A700 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOheSgu5xEuaL5uo522oIL-Zd4ORms80nS0cettowagavMFIoMS3AhWEVMllkVcbIABDBfPMLB1ZqlWtmxT0LZ9Vf1EHyUoU6w3-DY8GjogcuL9AaA7WiEXN1vEnTpp5_SKBQ6HJyWu4_0DP-PzcLDYMH3R09_8EE&sai=AMfl-YSYlpZIoZD8H2R_tBP5UhXghMjXzu8MuX3p4gNvUL1ovGJN2JpsyyYC-QmddvRTDs7vdcS98nfV3HSSgUpQyhyFfCLp2Zjd2qX6j32q5zLsFWfd15EF8yyhS-9gfVVM3N1PqfszckTu24ZARfmcVQ&sig=Cg0ArKJSzE8MkpxazouUEAE&cid=CAQSTwB7FLtqelidB7-vEBzzkJt-Pci4XUaGWCC1SiCt05AK28squEti_L_kKuRkmgKQBUZgKfN3dEdSWJAOlHuw8XiURK6aMf416bu4QgrpVgoYAQ&id=lidar2&mcvt=1038&p=0,0,280,1110&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=168499534&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079600&rst=1709567995584&rpt=1600&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame 786B 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 02:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
220137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Mar 2025 02:51:01 GMT
index.js
s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/ Frame C0A3 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
99e08c4ec1888a08a676f404a3cb0e2d715d8981ab063d10313ee225399b4b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Thu, 27 Feb 2025 09:49:02 GMT
date
Wed, 28 Feb 2024 09:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454256
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11836
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 01:41:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
photo.jpg
s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/images/ Frame C0A3 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/images/photo.jpg?1685461388447
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
454e8f487d3bed0f95391eb3a491ca9dff26739332095b28bff6cab99ff893eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Fri, 28 Feb 2025 07:36:45 GMT
date
Thu, 29 Feb 2024 07:36:45 GMT
x-content-type-options
nosniff
age
375793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126215
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 01:41:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dot.png
s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/images/ Frame C0A3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/images/dot.png?1685461388447
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
sffe /
Resource Hash
4c7a62a40308df1dddd4fd3916b55bde24fb50f18cf20b858c62365ee770ef48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14927239987912874057/E054_Q223_Foundational_PFC_Pillar2_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Thu, 27 Feb 2025 09:32:02 GMT
date
Wed, 28 Feb 2024 09:32:02 GMT
x-content-type-options
nosniff
age
455276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1080
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 01:41:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pop.160x600.swf
fundingchoicesmessages.google.com/f/AGSKWxWxI7yoTMClgKdvgy6pt2cSOQAdeqDMAhbqLZ6cV50Mw75dAtUhdRbOvMN3A60z0D9kXRj_lm6_vGBPd2Otyplhys7R0uyTQ1RxpcMuhVsbu4BQVosQKPB2MVPpUSgakt5Ty8fMfEKPlhp1DAn5asQeVTy9n... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWxI7yoTMClgKdvgy6pt2cSOQAdeqDMAhbqLZ6cV50Mw75dAtUhdRbOvMN3A60z0D9kXRj_lm6_vGBPd2Otyplhys7R0uyTQ1RxpcMuhVsbu4BQVosQKPB2MVPpUSgakt5Ty8fMfEKPlhp1DAn5asQeVTy9nvYUwhzoo3jm-_H3dDLYkuTvIzUHudXk/_/dfp.js/common/ad./tabunder/pop.160x600.swf?.adService.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3N0hUyWWIfQKsJY5ik-ZxAx82ew/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
2ff04d41d10dd9c95155d885002f0829e396f31107b53700661adc12adce1ca9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UfZWhoIjn6ZjDvrQQxB9-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-UfZWhoIjn6ZjDvrQQxB9-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8e_-9PVsAgfOnHzHCAAKLi41"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3N0hUyWWIfQKsJY5ik-ZxAx82ew/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31003
x-xss-protection
0
server
cafe
etag
16097037246406947114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 16:30:07 GMT
AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zs1a1j6_vAWscf7sSxRsKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-Zs1a1j6_vAWscf7sSxRsKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAjt2fWlnAgCSfBH2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://romsfun.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 089B 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BM7qh_e_lZb6mN6KYoPMPl6ur0A8AAAAAOAHgBAI&bg=!uLulu_TNAAaCCwxOogs7ADQBe5WfOLLJkEEF2NmCYX-tbWVfUjetOCEOxc-gHpX6pEcuYAj0NRNmZ_RixWpRQ6CfS-IzAgAAAMRSAAAAA2gBB5kDGz5HE6cwPkxEt0V4xQnQDWSBz4hl5QqXhzzPgEiyHxZ3Zyd1Z8dJCqPn274x29L4pHjNz0lBr6ejqi-pbN4lPy1OlXB0mTwGy6_Ta7WB5Fa59-GZNlX3WYJ_FeObZDJFVHIe-yELEOpRwcdJicVh3igS9Zidm1ZiWPdyrM4IOC5PXQkPdxHe6KZIt0x1BmxOBBpkl0-kIxW_LKx6l6NCCnlZUEGhov26AF6LSEu9K0CYSiIsOkXptaAretUM_JHCmoOQhsoJ5zqwN5y0q6zxEQ-b6G4TWI0KNse6SlH9Tze0Q2PebJf6xREdQw-7UejbS9dVbG7jW5kqX3Pz-NHut9nxYlOokyyZQdUCtf_qTPrjKNPcu-N09fk2Nd60JulCIQn9ZVVIPlMyiUruoQEQyb0Ii6vmQsTo0nk0Om_pvFMbMEqz964_VseZeyUTWQmstOGY6De3xnADzgF9FSa7Dl8_kZPWsAuNrwPLkzLKmeJ6oAwJAZqXwnOMWmzDAHNdxBxQAthpaBpEfbFbp6XfCuxtbmoIS_3XVEfFl1o4DyLhyp_X2MiNORgczLKHRXc3ch9w25VZ5KFWqyRsW_xxTGTIz_p1Lj_OXnA7SDEKX1zhEgks-fo3sDaZzIvvgrUrU9kR6YUYCAOSL7U8swo9R0FhdOZ64oEzAMAbF7SNXpi9G2iSkIOHM0uRHmMYLmPSOFvsh-Tk7s_CjUAHSNyYV-96C3XtGn46CcvqOYWrWvjiBhe-E1s-CuhjqGZiPKgJ0HHNqeatYL4OTwRIahPviWgkqYreQ7DRzgT-ISrahUh3ceUr6aD3hS56br7fahunDRWLvdPLHE1E1kh_83ZGNlg-0Ln2DzJx1B1lvLn7QGfjd62mT_Jj1-zKc8tHnC7dw_LZyp4FVi6OJpLFdIrwek-opb6xMVznAPGrQ7uvRmy_DUUldu8m4ab1TGqstSwV0_Q19ottq9QpvhMdMd4gdc6vtiT5K5bOWBAdUYhleEJ0dwt2OcQ9m-ByqT7vu0WOakK_ol6-izPQ9X7iV4sXK46dE08-tXL0D6gC5A
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2435 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIbXs_e_lZYiaN8idoPMPju25gAQAAAAAOAHgBAI&bg=!5Oel56jNAAaCCwxOogs7ADQBe5WfODiewG4Zwd6yJzFMQMEbncwTjgaQm2ofxQ6lQuzQv8m6oeKmLuqC55PUbQ9jq6K_AgAAALJSAAAAA2gBB5kDKDKBkPl567C0tDQI4RQeXN6R62z5MKIVjl-FGeigMwocNy4ECHUZwHQpUkV3c4Y3aQ95EuJobhUqM4DUuXL8Dd2j_3t_6MEIA3O0DhIwOEBQw3O1WsvbJ21VtZuU3EPVy2lRvp09MeYBZFR4maQ1p6h9z5Wt2B8LTcoKAIjHVgdNg_SqSh_oezO9DuW2XCZvykaBeMyM38HnxYmGqj-wqGabMUPIQVgHTm4C7NKV35iu5PnjKHip1RmRu0-ep-DLSAru8s9gwSrFxwv_2VLaI8UlUX7aB93GRrm1Z61LGnUN_pmz-hUmDgO1Bw6EIUmg5UOXZoZqLZdkE7G1D4JS3Dm_82OMjMnYmRYKLgcc6936FTt0cFPkeGv8a5PlD0DvCoc7UKaHPg9bD5BaWPGyL60KbltNiBzvvUFuK6gPJUypC60HAfnwaXuoFijmbBXlrzKxyZYOa4emWAt-K9BmlboJ2w1FYOAThVEcOrgvwMTN5GVF-5TkEvfEhFfRcZgWHwcqUhGSJ9GaEJgtNESGcWHfWuihBWE0vnm7BdTbFhCr6HoSQVF6qXA4iFpgjhnqSASI2UGUMHVcp45DqI3auUlt_YrLS7J57tEJ_-RDLTl_rhbwdiiHdWd-FpGSHXutOb48RJF2f9cdSGwutTZabEsVG8BbEUdu2X-3LU_XvaXkz-8ijx8RqpuyK5PBzbwJf4G3fA6nOI_KCOKup05qLo5NhBFE8dW1oD2iQiVAKRTVOe2ULxXByTvSUQ2X0qsN5nqNPRT1K9fvPNCsKvlrou5EBWJs6QTRPXbSPpx1LvI5Rf-UfdiU48seyQtwdejnAWDnaPS0vc9F_0SecAth70dSnoNgMy4l-B3EzmsYmk8LQr4N1M6axQkvtWCvkm_V1mBPuShXcNacbOfD7XET8pXEtTdEyRyHRsiYlfURNzAL_QkGiljwkSKKDQiG2HcahGrG2JrvYfiWuAjH2te2kXP6WDKSI-7XnsNMIun678uyRqlyiXGIstdaE9KcSgY0Wq1NZATAjg8TExWlEXlZwPacoFYOw0G0F3_QY2LivjROL6aoI4AeKPU
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8FF5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqFkTigSU68vIOUQPOAZoAHn7BXIFFLgHsi_5JYCzNr7qtMYKEfRz2_oPQyiggaZm8eLsTxMd9xkCBR7fRI6fUGhW56L54mCrGGMqgR7J1gwszK76GIK2dWWKEulbMZnu8g1PcPfMvSNW2ie5WN1fbS-Eu2qFUJQamEM8J7I9wnbmORI9RCv0&sai=AMfl-YRi1cDkGk-CYx43wRFUWP2i80Dv-bOXSgArDOhYe-0TWojMOnD2EzT08DUBXqjWzPdB2LO_Dvrlw_z301G1WJmmwUm3qqd5NPYINw&sig=Cg0ArKJSzCwq7RHBL4G2EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=382&dett=3&cstd=129&cisv=r20240228.91585&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.375730882;dc_ver=99.292;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=2857856867;ord=17ctrk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCMPhf--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIMCT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2j54bTtDYXRaAI2oIkXNQxXsOx7PwqCv7yh1st5goOk1_BPfbkgMPbIfojo8sAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAoSL39wTpYmuvjiP3ahAOACgGYCwHICwGADAHaDBAKChCg_PuUk-Xa-BESAgEDqg0CQ0HIDQHYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMIhZDkiP3ahAMVSyCzAB3s_A0LEAEYASAAEgIDavD_BwE%26num%3D1%26cid%3DCAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ%26sig%3DAOD64_3G50p5nAgEIeOdE7SKBnwxArEyxA%26client%3Dca-pub-5918973911368784%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fromsfun.com%2F$0;xdt=1;crlt=e!FN)NDR22;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=189;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 15:59:58 GMT
AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RiXPtEI5H4LYsRtLwYUjYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-RiXPtEI5H4LYsRtLwYUjYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAgt2fulgAgCReBHb"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://romsfun.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame AA4A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
567f10c0fc20316bd17d2a5a7e251da84850f2294617e24fd96189af7d52ed84

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame AA4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cqo0J--_lZcWmJcvAzLUP7Pm3WLCbvMx1_KXni4sSrgIQASCi7JImYP2gmYHoA6AB0vjL4gPIAQmoAwHIAwKqBIACT9DjZnX4FX9htFhzSSaR2YiXp0hEBZKogmTLaOKe2fFkCNiXr9DxNSgYzC50W6gLRFlepXaVuNygIB64mNJF71bNxIGwYZZRdWF6Ohx37Roo_QNJe3oR4oUpCKCKo6trCkCjgP1Z1TOJMlr6DVFKp_RS4XBbVHU0o8-D4ZKjqa8C0HxbAVaGd3K4W7-LzxYg3prpzMDEy5c0HrWHlJ_YzWFWI45KNdh99ywanpGnb44KTnlWb4kEsPQ4oM1JEsGsiurMYjK9yXQB1AK4V8PQ7cLWWABdj2i745V_jA5vYbmI8z73No-f7spxuwOsp2UBLsj6QFmL--jM0x8pi8hZFMAE7KmMivcCiAXhw9DhI6AGEYAHgYjWQ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEMa7BNIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOlia6-OI_dqEA4AKAcgLAdoMEAoKEKD8-5ST5dr4ERICAQPYEwPQFQGAFwGyFxwKGggAEhRwdWItNTkxODk3MzkxMTM2ODc4NBgA&sigh=2bbo8J0_HI4&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ&cbvp=2&vis=1&nis=5
Requested by
Host: romsfun.com
URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HTvZN24xCffniPPClJ6Heg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HTvZN24xCffniPPClJ6Heg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAis-Nk9gAgCOXRGi"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://romsfun.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TCMzZnwBh6KCr9fXY3VuDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TCMzZnwBh6KCr9fXY3VuDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAhe-_e5mAgCUARJV"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://romsfun.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU9mpG0uslSCbMApLbThtJg3AnIWNdNV2eWP_HPF6xt9GLSa9qqj8zAu48EI-Nd8mHI6j5th41WFm2He0lV6Jt_TR5hEVzIlwJYOppRpmjv_TfypS6roTjlk2KfIU6_PdSMbIxuUw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9mpG0uslSCbMApLbThtJg3AnIWNdNV2eWP_HPF6xt9GLSa9qqj8zAu48EI-Nd8mHI6j5th41WFm2He0lV6Jt_TR5hEVzIlwJYOppRpmjv_TfypS6roTjlk2KfIU6_PdSMbIxuUw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTY3OTk4LDUzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yb21zZnVuLmNvbS9kb3dubG9hZC90aGUtbGVnZW5kLW9mLXplbGRhLW1ham9yYXMtbWFzay0zZC00Mjc1NCIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
b126585c866cb45e0a6f86b9d71239543e8266f272814cd4dbffccc92d1a4976
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JeIK4Haw7iFXIvyDsr7pSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-JeIK4Haw7iFXIvyDsr7pSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD8e_-9PVsAg2L2iYwAQAAUC0c"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHeGaNwxc0Ek1DyYMLOBYSyVUwr6jZ8jYWcBPoPPwMx2SvXp9_qtyZ_zYpJWYzkWHp0mvujQQTfS_FKZP3fqHi3cnVCXEtXDX7FRvGMfGUDDeIk86p0U7z4DZVgOpzf7Ygot4F_g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHeGaNwxc0Ek1DyYMLOBYSyVUwr6jZ8jYWcBPoPPwMx2SvXp9_qtyZ_zYpJWYzkWHp0mvujQQTfS_FKZP3fqHi3cnVCXEtXDX7FRvGMfGUDDeIk86p0U7z4DZVgOpzf7Ygot4F_g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XocPwNID3YSBHYIxfggbTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-XocPwNID3YSBHYIxfggbTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAhtWrV3FBACOSRGo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://romsfun.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW_WzMrTKTBYJ4xfSno0HlMn9C-SxTBB4YSQIkh45xNcXTpB2fGGvZW8b0UjRooMf6wBju60JA6LmXQ71y5E167X7m9VNfNnUOD8C7o7m5YYh-Z9_sc68dmjoG94p7yZJ1V5r0AHw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMzbq9_BeTKhlbiv032J0rWew0GCtQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ogvTd0Mtz36JjxV_0QMNEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-ogvTd0Mtz36JjxV_0QMNEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8e_-9PVsAjsWP1vFBACSPBH0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://romsfun.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
bbd8190e5283beec9e7480902969f4df8636d0b1c5f7f1c0ca5c7bef1341d4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12358
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 15:59:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 599D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
143393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 00:10:05 GMT
expires
Mon, 03 Mar 2025 00:10:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9D1E 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f4.1e100.net
Software
GSE /
Resource Hash
089210ffcac04cf06d3c2c00ee0725600e5b059e6b58e3ead91dfecbeff2edaf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GET5Apy6Oo_r1_1tX5_QtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://romsfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GET5Apy6Oo_r1_1tX5_QtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 15:59:58 GMT
expires
Mon, 04 Mar 2024 15:59:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 3201 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXOSx2Q6gT5tNYBlnA_o-9MFL2_HrZ4vSGxSsAwiAjvWzFdf9tS7_ZtPle_XgjpdooBbyNrFYOVOFudTqgbIw8izXXbk0qs0dG1oDIkXYbLseyQpM8jIlnRgoo0XiaAiLdHWcCIYh6x-HAJlnKiQ&sai=AMfl-YSUN9bf3Er_lWG8tZ4uhZ0afPFzR4_2P3kJo2D_rq4xkIEmIPRrXB3q_-kVyoJuGMAuN42Sv1ETHXfnfP9q3EO3oUB1znScmsraJ481OMS3xYRmJnJGMlWVxFB8vFOTFEZE4fxx5WtHKDza0goR7A&sig=Cg0ArKJSzPJBrNXibEamEAE&cid=CAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=358,874,1003,1083,1083&tos=358,516,129,80,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079700&rst=1709567997430&rpt=285&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame 599D 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 02:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
220137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Mar 2025 02:51:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=113803897568305&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 599D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?czucsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 15:59:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E0E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvATDZ1FJ7yduSiaFdpczBR52lIvD4MGPujyhlTfq4uyo7c9cMHOWzzc-ReCnfw5vLoQAsFOLjfeGYN9uZkiV5NNJgooYoMsrC7DY2PPRHYINqzUVC2PnZpnwJikMcJe5e0mMm5g1MNZeg&sig=Cg0ArKJSzG0pxMOnbGX9EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=3748940717&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079800&rst=1709567997877&rpt=217&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4375 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXjSEBzv8Fwsr7iJibduQA4Ggo0lsj2H_pOmwRUlDN57C8jGWNatRNEy4MROa5pvi1Px8JT0jU99Eh0brKLv8PkZtmIblP3TKTGfknZc9Q049uKCRI9Is8XsELLjeoHd81Yagiccsp-TJMD7w3LglbaQuIlW_GEPC7TCExMnbpnAqkiO7fbTZNvX0cJvt4ah2aDl7qs0EjKKOwfGgS8fwSBNFDKjoIBhrzP0N_QYyRsG3JZwUbO71A1LkCyGe3TSNLjagMwkB9e71i8l3s6wiu0-M6d8fIeiEubrZwj5QjTkmeJsmcq4lOMEMHrKnF3yflPNAMIN5YBIX1aX5pe3Kp9RjTkHTziLh9RKPuN2_DSmWReda4O_YhqtvDgEbrEeVGYvuRsb9pT8V-ktt-0Exa45SMYj-byP3ci_a6D3JI0QMy2T-2QHnYY438n-1D7w0P0i8DYW1b4BMzgT9r_Vm0aiuCxBPeqXw0-WTEnS699dOAC9AY-st8PVV0_fdbN8ByvuEwtTxpsATpCWuo4uWvdtLA1kNSfY1MDiSO9QwW2NnwvK27LrvVFDAb5AWScGqWjXu7eYl2W7uzyz7uC0RVocdQUDKlyxsz_5Enazxxg1c7bG94ptrUZMAw0kwP1VoSwTdpaMXMSBVwAnxqF-RG4OO-sgtuhEw74exBrXuz_QOzWulUiGcqcDS29azEv8zOn8SfB2NQKyMglrj2I0ySxk6cJRmKCVhwFhKQYUdWh5cfe7L9pJz-mh5GNe426z2lawmJs-x_kBBt_-Z9AGDf40r2HHgZwbxvl6u10OmvcK1U9NmzKSIoVEoNpA81h6B-kZtBAmH88nJFSrWUAb8tloRq3Uo_zyantkoKh2hfEBBHaI3mlOg7Sr8H5hnLQUuNbLUVj0fh9-6M9g499rWtCNfBb1yb_DODmZxQcwKx6WYnben8G-T4e1Hg2iVBrtzpG5_hhmGqACQ6uga35XUgwSPjKoPvj6eoQLIsL0jR54j-gaujZ5Bbkh9EBX12sHeoX52-GBT3PXH-1hGopXvK0iMCMEMbKKDR9_Ewe6i5RqeVQOa0NgBv5_flpQEa23Hx9RjZ0-xJtmo_WOoiq_FzDXeHwiJ6U8Y1dw33vHImIssTA89yBoS-gRC7PGDQI9f0Azrccw&sai=AMfl-YS4UoFZvlMq0gM23fFxP_qpQRMxWf26wtZrIZhUpBpRa59xenAz_ZcuXecUfWqi06YAx9ZZGLgk4MpnmMzv-JapPuIep5y67A5NMu16ov7Efv0IZtgHE11Bx3CQPOvc8bk9clnm8itajzL1nqVL6dVM4hI3IGUGpCtsW2o&sig=Cg0ArKJSzEQkXcBRkeYbEAE&cid=CAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079700&rst=1709567997552&rpt=593&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=113803897568305&bg=!6eql6qXNAAauXHXJjlw7ADQBe5WfOJWKH2GTDQDeigiWL6ZoCV1lVmil3nny18iWzbafEjT_KdaLD8Qbu3f6t9WyQrJOAgAAAEpSAAAABmgBB5kCudu2FH_LdlgSJGTnoe2homFeYeU5f-uSGRLt267f67jqr-h06WhgEVgJszPk-qWAU0TbSn7oMWH3p27GnYnOGdmqtFc3sHko3rEPJUL48HKONCBNa1FR71X9tMDzujJmewkwTew2tB0k8tWOz8GZorebsKZhJwpvYOqm8UlkOFSpavAvwp7NXifeVJQxcrkOSxgAFhdMErGkDYub4I6dMKOsUrtRx_lrlXMIPuNWMhS7X3aAXtwj6iGAWmX0YLxdEJX98_dTbcnzxHqEiU_BSKhnPE8uQLvRVsAM8GHIDPEQQQx-F-j9vWg4YapwZ1ZFZgEbDavtU7Wv_zSXVEn4ZqrQlW8tl9bC67hjohK2JnMewoccdk6NlNH7J5L9yVVOMzhUrjJkQ00jrq731YhAZQs0Y-s6cRk4caarC_nxtF63eciL8z41-o5mwNiTf4D7lAi3_1IoeD6Xi5vOFLuG1hRrh4-HCFoiv6BzDaV_yHPbcT3O1cwDO-h1zG5ppeu65ZrSLw--5Bu8nWUw9jYIUbx55-LqfN4CajR0XGzLDkqhQitZwXSHZzEeXD_hyou1v3XHhY0jn5C1fdrYwnI6BauGl3BvwkKGEx_PToUgdWTu3EXg9huW8SzY7kpuaFMExHXOvI0D4MB4jsoCmFdDG9zYMkNBlkWjH3AHsL8Blqvx8JpqIiimf7cc75otPNcC6ysi0qcJDcE8liJqhktkVbnFVfJuOQxr7gDy2qZ3aWGlWJB9cIkQ3ZpS3DOVBd0lMxx-Hi7Uw1_4eB1TaDqULRGXa4fyolTFMiU3E6htME-QtQaidjCICXacGWCNRxXNJhMbTVHIUdna9tKdaRFsCJ3vNRz0RlmW45cTm02XMHdI6D8TrnTg_UK2gLPpBHvc0vNBuprM4uGYbFE0zsmNt8QyudkETPLQPC8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://romsfun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FF5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-OYC1rm32DgTerzJEvHpHpRPgIOlcpxW7qP2Ge7MYVajxDQKENWlA4Ig8KszV6xcSvG78YiGQ3rpHjpDYI1k4xD8Gzt--xW5KjrPifbnv_aqsohelACnq3d9-0tbhfoXORIYx4aEedV0&sig=Cg0ArKJSzFNxejyMVrDWEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2857856867&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079800&rst=1709567997875&rpt=344&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA4A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstklvDELOqKBSad-nhDlCWSMHJup34CwoeJhOjY-rxP8x6YOr_hUxUwzyTZX0uXhvejrUEKT1ZEaXdRi5k5mytYf4r9gRAJG3f8SjXlrNxh31SQ1Q6AR6Q2eeRCPozd4-fy1ke19SoAn3MNAT_Ou_pT3sYVAeTXPLnzlWNbQYe0FfLIfrocU0b9FBR3qQzzUo4OMwSo2G_QskOcSOzpsIOi0hkifB_AbnIAnSSbqY-TuGCDcZSrSrqxs11Zgwpj2imA2owQMtwGtZ25ihnqJDwgR56LpYkA4Sz5DNV7-3sC2XwBtP21p05Oll3JxDX7oZPEIdrGfiQBlTpbxvwtZG9glUYuqfycHb088JBWzFurU-H8ZbeH6cuyh4cteEh0wtzonUWpfrZUR-P4Et0GEOhA0uszO3DmA3Dbby5xgfJpBKeCfBXGms2JgDGe-CWCffSMItISxXCX_75H8Q-IFDWapg4f5ApjdcdHFpADMHx4ff63_th26beskGlhlkIxJvxe5_YHreawSbxEZ9f0MVQdSBOj6UuBx8678P3l1x9Sy_Ld7nho2xqTrHVE_uBGrx60cSKNJHTf7cVlqR94_C0uqQPovsZBbp4uFUi8Y4LB7i9sA6PikwVoURcfOSJMo-tnnmMuo8D4eXnYsUS6pX-Iajzmr3s0QIyiW3pGLEpIqqMKX74wkxq0OsOS1pK1repurCOdVzJAKmWlBCrGKx-8-dU5AUUaOEeNndGyzqeCf9zR2TSaLPmzEbRYFwT6-2KvRKlHW8dmxcon6wQ7ZZ2Y4WeBy2GyF3O4ClGdBjqNpjPAUI8N8SpqLTDcaPP3hcTW-8lfYzYscD2Vh895URtswHnx28sXEf8UUVzYtOc4bPIlFEwrAYYRWps9RKvB4jznP6Wz5nCfKLZgKOWNdB1fkZMVhbSIP3ZRPwotIohA3SAZDqlWwSe0hLMR8nxbWUmS77e5ipoC30fs60fdxgLH8IAgZAqyIqha54NS7WxnKV49B-KYoXLYQohrmEocO5yzglErQFzCXQjSoKAgsBJkA2bHKzMNuoSwqQfdVo6gR1hIdzUVutXxF-HgxYfXeFOrD7jcG5-Ky8K4t_hRYXVJzNFDQgA3SJfD5cSP_fhk-5FIvWhQ2VGb1lxZZUE_ncA500s&sai=AMfl-YT8caYByZxxhfsB6OPEAsc8qIFMeR7bfrsEjkNbkQFBrrC11SgmOisEvVZ6AHeZRB-0ZUgEtNFsM1q5Z7fyrJ1lbK7esav0ze-UY1gHnsgTpT3DcdvTZNu_EJuofbFvMk6Yj0abk0HrFZPk7vjpeffj6TiiemhU_n_OLDs&sig=Cg0ArKJSzPtJCY4m4GBREAE&cid=CAQSTwB7FLtq7eoIbfCUHvJZMkCi53vDO4eg7KuAnco23MC7MlGE1vW4dwJ_RfK8WyR8Nps16HVMRBNM1Wkzp0rIj0UMQFs8W5Ure_8C_zPAQKEYAQ&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=550079700&rst=1709567997534&rpt=981&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 15:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle function| Popper object| bootstrap function| RateYo object| lazySizes object| Cookies object| ajax function| convertToSlug function| showFilterOptions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2Q3NjUwNTAxN2M3ZTQ1MmxvYWRlcl9qcw== string| Y2Q3NjUwNTAxN2M3ZTQ1MmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| __google_lidar_ function| __google_lidar_radf_ boolean| a4cb9197-30e6-480d-97d6-4cfdb30c8805 object| GoogleGcLKhOms

24 Cookies

Domain/Path Name / Value
.romsfun.com/ Name: cf_clearance
Value: dAmKZuBrPBsvdoRr4fiJVAx0ZpzmUlSe35x7yfvGPik-1709567995-1.0.1.1-yv4_ekLSYDMM9B81tMDVZ9mihVRzvR1yo.x9flXTanNeM0O8oRTLsqG3T0LenXcJ83DwfDxMmBqPYSqu2oDxQA
gk.achatecogida.com/ Name: GL_UI4
Value: eJw9jd1Og0AUhKH8tVrQSXgAHwGwmnJpfAgvyVn2QNfCbrOsEN%2FejYlezZfJN5kgCHblA8I1PSD6ohc8yeb5%2FFoPbTW0Zx7qXoi2agWdJFUtDeKEg1o6R2JiF2O%2FzGRd59YYx5E1W9V3vZGc49Fbf81Vm03HSIQlLXMkszemHJmwZlvYlhFiTTMjfb9Y4zOZ6dNYRHXTeFbac1hhZ5YyKu6QfSgt%2FbA4YldXRZEGuL9N5AZj507JNEQyWpKM8A37nhyPxn4jk7xcnbkBZpLdv%2F%2F7G211hVTyqnp%2FbtyF7Q%2FD4U7v
gk.achatecogida.com/ Name: GL_GI10
Value: eJwNyrEKwjAQBuDcgQlClx%2F7HMGKSlfJ3jqIe2hFstyFa%2FD57fYNn3OO%2Bw5cKrrxHq9jHG7xMpxBX3B6gBeBT1nymkEGniewCcIsLVtR0ILwUlNpuwvCpLa%2Bn3uSDcekVtVy%2B4CqJ3DTcABva%2B9AP3%2F6A0q4G2o%3D
.romsfun.com/ Name: _ga_CXR95QZ9B0
Value: GS1.1.1709567995.1.0.1709567995.0.0.0
.romsfun.com/ Name: _ga
Value: GA1.2.744576921.1709567995
.romsfun.com/ Name: _gid
Value: GA1.2.231556962.1709567995
.romsfun.com/ Name: _gat_gtag_UA_89527130_9
Value: 1
.romsfun.com/ Name: __gads
Value: ID=ccb0ddecc3a7a308:T=1709567995:RT=1709567995:S=ALNI_MYvZm_Au8UahQpFETsLzV2eenPWgw
.romsfun.com/ Name: __gpi
Value: UID=00000dcf2d0a6468:T=1709567995:RT=1709567995:S=ALNI_MYYCr0O25k3pyRRC9VTnyKRAXM_Ng
.romsfun.com/ Name: __eoi
Value: ID=74fc9fc6741ce476:T=1709567995:RT=1709567995:S=AA-AfjbLRvgfdAtpOzqhCd4jx-rX
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnoB2iYQEVOmKEfNe15GdIfoeGi4U0RazcRJSBCMpbRxCj7eKniHVoribUPm-c
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZeXv-dHM6EcAAC03ACqCQgAA
.casalemedia.com/ Name: CMPS
Value: 519
.casalemedia.com/ Name: CMPRO
Value: 519
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: 37H5kq84eoiOOAH-j7N6y-FTi3mVzoUQMw_-Z-UQu75QAB2cjqpdaANX5HVCszk6BRmyvl-GciYUXMgYupfsVi84v9VaVAtVdNzHiV1SS7s.
.adnxs.com/ Name: uuid2
Value: 4501340731434950153
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilhx<'*+!]tbPl1M>e)ZlrFUfJ+tGXxp?_d/!BY5h)h_ZS3/THfcq?/oO/`dYjyj*>ty3If)y3KL9D3I?+[A?M^6
.doubleclick.net/ Name: APC
Value: AfxxVi5lPH7oUI6g9TLMMXzWIcUmmyVTr8M8LHG3rGTuUBlgPWSIGQ
uidsync.net/ Name: rauid
Value: MfSGjKyoe3DJDbSSCl3LU6
.romsfun.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_zS1L9hX6D6fI6zRSQXC8Qome1uEnLOaeRS5LDIro-jZe0TpdNbusiZ_A2aT85vTMlr73XzorgwtJd-D-IDZv__252nhwLJEyRcx1MT5KaLmXQcJ3rvWFI2kw0r9G__yRElXhteSLtJu93Rzw7ib7pNHvDeg%3D%3D%22%5D%5D

79 Console Messages

Source Level URL
Text
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://romsfun.com/download/the-legend-of-zelda-majoras-mask-3d-42754
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gk.achatecogida.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
push-sdk.com
romsfun.com
s0.2mdn.net
tpc.googlesyndication.com
uidsync.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.176.202
142.250.64.78
142.250.65.226
142.250.72.97
142.250.80.104
142.250.80.66
142.250.80.67
142.250.80.98
142.251.32.98
142.251.35.166
142.251.40.130
142.251.40.163
142.251.40.230
142.251.40.238
142.251.41.4
157.90.33.68
172.64.151.101
172.67.75.236
173.0.146.24
68.67.161.182
00635c82556b38d46a22746a0272d0ef191d0ff6e5bdf7280105d347aecd0e3c
00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5
05e71ad1828d9a36e7280c7fdb551b1c21480db8ecab5b59d8619b8669e88cc0
07374cf80c59be8012c9b2044f1dd7d66cc6fb1a1a7d9f1f458b8a6d4d378a17
089210ffcac04cf06d3c2c00ee0725600e5b059e6b58e3ead91dfecbeff2edaf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d88cb482955b2ae3785845ff5ba79f03856a71bf96d956f5059ef4e3db9233c
0da56d0df6af73d3e5f7e5fc7bb21364391b3cec88ae36e6fd3b5565098c91b2
0e165f606257cb391e869a314341eeab48913b3f6871b8de063e15b6b169532f
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
22223631ac9e8b247b66e291f629756905b2a44de2e8d9f83bb7d7d2b5f2ea0d
2425d8b6d3ffef2aca4ab55e854b139244a0b812c57701baedd3c86929eb1252
255737da99067f5c3514d77ef41da765f9e85d3028e50120d4670d3313023791
2ff04d41d10dd9c95155d885002f0829e396f31107b53700661adc12adce1ca9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e3f5004d73e0fd91f6ec8bd3e9017a3ac49774c7af908da74daac5afe57cf3d
3ea63ff6200af33c2e3336075436f8b40178b04fb7b77849252ed5bde6f9c5a0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
454e8f487d3bed0f95391eb3a491ca9dff26739332095b28bff6cab99ff893eb
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4a090a9b8bbb0f86926f094f4f1543ba2a48b776baff36d6429f8a9639d741a8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7a62a40308df1dddd4fd3916b55bde24fb50f18cf20b858c62365ee770ef48
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567f10c0fc20316bd17d2a5a7e251da84850f2294617e24fd96189af7d52ed84
568b5754961df1a0f2a68406380b1fe28743aff85c6b3f76dabc0db1fcda1eb3
5ae41cf3d75e4cf8eaf59c856e80f2d65ac0cbc0f3bbf1534ce865dce64309d3
5b1d44cdd22a100613e81b5f3d0cb5ab21376e199b4948e7a9c470c8a5b9f55b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1cdaa424c535df8806e191a90a42bdc795a237d6378664607fcef4eb98a10c
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
651ff70440e19a171c75ca856fc4e1d315627988af6129748b36c07ddbe85cce
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f98c98f1008b44be34b5c0b21e8e6c5fcb6fc8ea64f181a61909315f81a698
6b09efb8aa9423a2c9a42ab7f266effd2129f532d8f491450f6fe00925403f38
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70efb94cb6b7661eb4ebf83b5f923107cfce203f9edc70e2716538dc26fb7cfc
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
7afdbd52941d8372e8adcdbf24e30da7ca63a7761d90c142772be71dc635c013
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
7f4cf46b5503a47335ca25271b047f4610c4ded1e55e642c6097f470ecb2d25f
837931d8e29264b164889ae52f00fb11c2d89404f45f97906e5c4e78bf7c3c38
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8834e3ba46a17a042a0b7f58364b530cfa0b38f2808aa0fca17ef631d30bbf27
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
987d560888d1353cea1a8efdd87913732c88b7cbb73942c197a44a8ef2aed320
98fb47012c1bacc5af93f6b68e9785c2808b61b31a8ee40c58f35c8365eac562
99e08c4ec1888a08a676f404a3cb0e2d715d8981ab063d10313ee225399b4b1e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a328289a559acfad426bad8d264671b79908da8b3d3b6ccdf1b5d589c52d0043
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a6c3ad3689ef34118c6bedae55c05d8f8b60ab6d8fbcb476d514d66ae7dd0f6c
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
b126585c866cb45e0a6f86b9d71239543e8266f272814cd4dbffccc92d1a4976
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21bf8cd38ab8e8369ecedc7f888bc80f669f167103740351d9a340e7d68a287
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
bbd8190e5283beec9e7480902969f4df8636d0b1c5f7f1c0ca5c7bef1341d4d4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c1adbcaf7611325f71a5bd92543481e92fe997668280786bdeacadff5cff44b1
c1af6f48ed850aaf28e93595d93ad9a1df6a8ca49b312b949295acd356a87c42
c2a10177a344db880402f7ac9cd365ec2fa664d0d97c93ef54048bccd54c6f70
c7e68efbe79e4f09c49cf146c163a00a682db30768d9fdddf8541df32b41ad0c
dd31c0b46a521b86cf4e7987d86f0a32882f41398aed74e469a2f3ecb94cc92d
dd98b41a3c9e00b73c4c2d6a47a24d8a502a74914c4d3cc6c5c6cddb93d13f80
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec7454d1171f978522747043fa76b38fc2426df7fdde8f8834da863a8a38767
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee037d8a21e982c352a8f2687300d4cb90961fc846172c5b08885056f1cd4f41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a