Report - romsfun.com/download/mario-party-3-9593/1

Report Overview

Visited public
2024-07-20 22:37:35
Tags
URL
romsfun.com/download/mario-party-3-9593/1
Finishing URL
romsfun.com/download/mario-party-3-9593/1
IP / ASN
104.26.12.236
#13335 CLOUDFLARENET
Title
Download Mario Party 3 ROM - Nintendo 64 Game

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-20 18:15:09	1.6 kB	3.5 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-07-20 18:50:20	868 B	169 kB	142.250.74.168
dt3y1f1i1disy.cloudfront.net	unknown	2008-04-25	2024-06-10 21:05:24	2024-07-05 20:02:04	1.8 kB	71 kB	143.204.42.163
ndaspiratiotyukn.com	unknown	unknown	No data	No data	950 B	1.8 kB	3.164.230.115
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2024-07-20 16:05:24	830 B	105 kB	188.114.97.1
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-20 18:12:19	2.3 kB	6.2 kB	23.36.76.226
romsfun.com	314183	2021-01-05	2021-01-06 09:53:22	2024-07-11 18:27:53	10 kB	889 kB	104.26.12.236
beliketheappyri.info	unknown	2024-04-01	2024-07-20 16:05:24	2024-07-20 16:05:24	1.6 kB	1.9 kB	104.21.44.153
getrunkhomuto.info	unknown	2024-03-31	2024-03-31 12:52:35	2024-07-20 16:05:24	922 B	1.8 kB	52.85.243.99
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-07-20 18:20:10	3.7 kB	25 kB	209.85.233.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-20	medium	getrunkhomuto.info	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	romsfun.com/download/mario-party-3-9593/1	ScriptElement	154 B	2023-03-12	2025-05-08
Pretty URL romsfun.com/download/mario-party-3-9593/1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 11:39 Last Seen2025-05-08 08:44 Times Seen143 Hash 8d7444ba152aae0282a6738064d9bea3 c933aa5aaa985bc9cbb540da2af946e49d5ac89f 4ab58bdef37cafc6c8613216447b0d8074e0e4a133b23acaa2aeb3856aee33fe Loading...

	romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.9 kB	2024-08-19	2024-08-19
Pretty URL romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash 9d95a93fcaab2df7529b3bb06a882b64 7a687131b0d4b2d5308fea3ec74efd2c1d80d6ba 49f8a5534f6b062f76af5d9effc7c575f37fbb481eda341a7673287712e53709 Loading...

	www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c	ScriptElement	261 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash 89569f010a214123ff0b8221f2e4df96 1193ad20f7c33de66aa3e2472daa2f257db01e1a d5a7f74f1d63de37550fe40b7199d99b415b0a20c01870bd4eff753587f5a4f5 Loading...

	romsfun.com/wp-includes/js/jquery/jquery.js?ver=3.7.1	ScriptElement	141 kB	2023-11-16	2025-02-19
Pretty URL romsfun.com/wp-includes/js/jquery/jquery.js?ver=3.7.1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 15:59 Last Seen2025-02-19 13:41 Times Seen133 Hash 15d149d159697f14f22caca6467e2174 22b596ae7aad63a4118c6304b9e4587b246b80a0 508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510 Loading...

	dt3y1f1i1disy.cloudfront.net/?ifytd=1058666	ScriptElement	210 kB	2024-08-19	2024-08-19
Pretty URL dt3y1f1i1disy.cloudfront.net/?ifytd=1058666 IP 143.204.42.163 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash 4f232ab04e4b4354666bfb0630d1d7ac a069c6769df9d1d7bc2ebbfa6f8daca02282dbd3 cbe251b8f0978c44942446ba46729e1f5df45b36a57d62569c85af60bcaa640c Loading...

	unknown	ScriptElement	236 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash 6a53e62b1e1997b71c8c1ed0de3a0796 73829b80a789e6b6b7babd3ac46596622a5cc0bd 9989efed1311ff615deeb73b199ae78a6118fdae25cef3ac2f0ecaf8e7c4ae2e Loading...

	romsfun.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1	ScriptElement	19 kB	2023-08-30	2025-02-19
Pretty URL romsfun.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-30 21:22 Last Seen2025-02-19 13:41 Times Seen98 Hash 318a8652a313c02b1d19f46b7ef1e426 afc5e61e6185848646a929a2287386a788870329 82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501 Loading...

	www.googletagmanager.com/gtag/js?id=UA-89527130-9	ScriptElement	212 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-89527130-9 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash ea5f22409458fa6925d80d0503545497 5b67d8c0b5ef81e98a160f449734f5ac76e7d9e5 b7a277aa97165b6e6288af6e342b358f561d65368511ba9376c717e840b9f50f Loading...

	romsfun.com/wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5	ScriptElement	166 kB	2023-10-24	2025-05-08
Pretty URL romsfun.com/wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 03:42 Last Seen2025-05-08 08:44 Times Seen126 Hash 9c407d157bf5ffc36814e6cc948a11e9 5d598bfa7ada13784621d76d1bb907d58c20bbd0 4a090a9b8bbb0f86926f094f4f1543ba2a48b776baff36d6429f8a9639d741a8 Loading...

	romsfun.com/download/mario-party-3-9593/1	ScriptElement	102 B	2023-03-12	2025-05-08
Pretty URL romsfun.com/download/mario-party-3-9593/1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 11:39 Last Seen2025-05-08 08:44 Times Seen142 Hash f1afecca58bbea096e1f40082c1a81d0 2d7f288793f0042033236e03a2043173d6a29cf7 79afca549552a12dcbda55428465f0e0c10952e87253bc7d4b079b8509bb1250 Loading...

	romsfun.com/download/mario-party-3-9593/sandbox%20eval%20code		147 B	2023-04-11	2025-05-14
Pretty URL romsfun.com/download/mario-party-3-9593/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-14 03:51 Times Seen342643 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-14
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-14 03:51 Times Seen341830 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	romsfun.com/download/mario-party-3-9593/1	ScriptElement	330 B	2024-08-19	2024-08-19
Pretty URL romsfun.com/download/mario-party-3-9593/1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash 604d5ceeb8d465708ba204afbbb20171 cd9c8497f58bbbbdb56fc21d3e9e485e1d991e4d 7f4cfa765120ace072ed5970e34773b21969c00a9d929ee459ab4a7badd1420f Loading...

	romsfun.com/wp-content/themes/romsfun/js/site.js?ver=1.5	ScriptElement	7.3 kB	2024-01-06	2024-10-22
Pretty URL romsfun.com/wp-content/themes/romsfun/js/site.js?ver=1.5 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-06 21:02 Last Seen2024-10-22 18:45 Times Seen78 Hash d0c06ac274cc1ffad4888bc2e04ed7e2 e53ab6dfa900d7f0910f483838c3c9849833f143 3e3f5004d73e0fd91f6ec8bd3e9017a3ac49774c7af908da74daac5afe57cf3d Loading...

	romsfun.com/download/mario-party-3-9593/1	ScriptElement	921 B	2024-08-19	2024-08-19
Pretty URL romsfun.com/download/mario-party-3-9593/1 IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash c5cf928180613695d4a9c01d75e04160 c6bdca5493c4ddb19b7003a305a30926c3ec3015 05fff7de35adea3db1053c025d23ec31681586533114bc60c31ef4c6063bf804 Loading...

	romsfun.com/wp-content/plugins/wp-rocket/assets/js/lcp-beacon.js	ScriptElement	8.2 kB	2024-08-19	2024-08-19
Pretty URL romsfun.com/wp-content/plugins/wp-rocket/assets/js/lcp-beacon.js IP 104.26.12.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:14 Last Seen2024-08-19 16:14 Times Seen1 Hash c3db1374ce8c81d7c761a0ef26b1cd74 f39f50e23f7344a0802b6c3650034db9b458d4e8 749c25b3777ee321c668d275510a71d531906d7a3964ae53dd73ccc8f8250131 Loading...

HTTP Transactions (51)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f58a4b489ef65eff7896802c87e363e7
e7287b89b56c66407955bf95bd03133d2e5945d1
fb270cf16706247adde7efd430fe667555cb37ee35eae763593424a17c624bcd

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FB270CF16706247ADDE7EFD430FE667555CB37EE35EAE763593424A17C624BCD"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9614
Expires: Sun, 21 Jul 2024 01:17:21 GMT
Date: Sat, 20 Jul 2024 22:37:07 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c746d0145c03aa7156aa6a21d8cd2d41
8fb7cb950f28012e8bf42cf02c7598862c66e21f
c695ccd93d9e45c8d7b4b08201a3fe45221658531fa0a54f778dadcc2479399e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C695CCD93D9E45C8D7B4B08201A3FE45221658531FA0A54F778DADCC2479399E"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2628
Expires: Sat, 20 Jul 2024 23:20:55 GMT
Date: Sat, 20 Jul 2024 22:37:07 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ba83fc82f22d464fbc0a613d3224fdef
b8d2b3e057c0d01c05e3891f5b5cdaf09e001d3b
17205f996d5ce1462adb970516597f51763582906181b875e45b5b7535f38b8f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "17205F996D5CE1462ADB970516597F51763582906181B875E45B5B7535F38B8F"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4788
Expires: Sat, 20 Jul 2024 23:56:55 GMT
Date: Sat, 20 Jul 2024 22:37:07 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
42e531d59be85c09ecc215208470d19e
75ec72c8c8e1de19407837d46d2ad7119770cdb0
38125115e22a9a58bf2df205bb09ae6c6fef4948b9de15b2f15f37d19aedf6a9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "38125115E22A9A58BF2DF205BB09AE6C6FEF4948B9DE15B2F15F37D19AEDF6A9"
Last-Modified: Thu, 18 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3117
Expires: Sat, 20 Jul 2024 23:29:04 GMT
Date: Sat, 20 Jul 2024 22:37:07 GMT
Connection: keep-alive

romsfun.com/wp-content/uploads/2023/08/LOGO.png

104.26.12.236

200 OK

1.7 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/08/LOGO.png
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.7 kB (1694 bytes)
Hash
3a7fbc0e71b04ebdc7d22547eb5287ff
d7b4c81efe0f82a09d5407b91f3ad8a47ff46be3
5ae41cf3d75e4cf8eaf59c856e80f2d65ac0cbc0f3bbf1534ce865dce64309d3

HTTP Headers

GET /wp-content/uploads/2023/08/LOGO.png HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 1694
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3353
content-disposition: inline; filename="LOGO.webp"
etag: "64e90860-d19"
expires: Thu, 15 Aug 2024 19:13:35 GMT
last-modified: Fri, 25 Aug 2023 20:00:32 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 357813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=osvCN4VH3qfq8dSbWMXesSi%2F%2BQhOwreirQu2pBJNW6G0odao6C7PJcdshbDWaVbNTeP%2FRu9VXwVg1cuGzuoIQorzpc8AqSNcxnIi7AjeeJUlPHB6tZQ5llK0HLkB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201ded0afa-OSL
X-Firefox-Spdy: h2

romsfun.com/download/mario-party-3-9593/1

104.26.12.236

200 OK

17 kB

URL User Request GET HTTP/2
romsfun.com/download/mario-party-3-9593/1
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
17 kB (16597 bytes)
Hash
c72a653a592fb2f1d02ee02f17bfea20
58da06432632fad985c9e96851a7327a57f38c02
6c0648502c97765ec30321dd63db8e90215f73c0b4051de0e8513ee8447ff907

HTTP Headers

GET /download/mario-party-3-9593/1 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 19 Jul 2024 15:30:21 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWyf1LT%2FWgkdQxMwRMA38KTytxaBNUs1hyoZK3n2cVIWPnfVHmeJDlw720wu0RgZ6TKnhwq8hge2tIMzbswNa%2F9UChwzx49yFvVccy22biU5k%2BSsH6opJGxqZ5LH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f1dcca30afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/09/download.jpeg

104.26.12.236

200 OK

16 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/09/download.jpeg
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 259x194, components 3
Size
16 kB (16067 bytes)
Hash
21eff641374b709dc9339dd1477ac30d
2b19562ba1d46d2209b424f33c7ba5300bcd0d79
f7d8a65594379b6ea364a7cd88e97267f51d2447153205384cb8160f5b262a89

HTTP Headers

GET /wp-content/uploads/2023/09/download.jpeg HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/jpeg
content-length: 16067
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origSize=16584, status=webp_bigger
etag: "650ee51a-40c8"
expires: Mon, 12 Aug 2024 22:18:16 GMT
last-modified: Sat, 23 Sep 2023 13:16:10 GMT
pragma: public
cf-cache-status: HIT
age: 605932
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BVUk3JjtjUt8jXbnQPCwQE0N%2Bxv%2FtoIm73L9vIRq0nc6yQQbNk6Aj6B2NAxuqS6F3AzmB7YPDsC68OUhc3ykJz3XnIjKuiTtEP2W1Jo1KqAfL6Wehgk5drihpQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a666f201df00afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/08/Doubutsu-Banchou-300x88.jpg

104.26.12.236

200 OK

12 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/08/Doubutsu-Banchou-300x88.jpg
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11496 bytes)
Hash
d489c53943e112fc426bcd62a6b55fc2
7635f11d40d96eb27bb9584067127a6bdb502d41
55e75edc9a2dfe54ba89d478db13b6ec7ad8d826125b44d9408bb3f80fd2ac27

HTTP Headers

GET /wp-content/uploads/2023/08/Doubutsu-Banchou-300x88.jpg HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 11496
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=19195
content-disposition: inline; filename="Doubutsu-Banchou-300x88.webp"
etag: "64e451c2-4afb"
expires: Sat, 10 Aug 2024 20:51:48 GMT
last-modified: Tue, 22 Aug 2023 06:12:18 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 783920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgGtsVkPwPHwFJvJWRT4feAUxyVoetXjKk%2BwkSVzm3kfOk9yawWC%2B082TmhOspQGyhPwp5%2BUslU1HR8qyxB1JgQpx7d6cW70ygmnDBCWiDbI79lEh8TnomaPh8O0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e060afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/09/Doshin-the-Giant-1-300x300.png

104.26.12.236

200 OK

121 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/09/Doshin-the-Giant-1-300x300.png
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
121 kB (121298 bytes)
Hash
75722f54cd42ea2f9a226a75b1d951cf
eed140772eb7c751d1d84ccff879a5b3574a0342
6b336f47442b757f28658bab345adf00b6e31ff934875e09bad123302c595d35

HTTP Headers

GET /wp-content/uploads/2023/09/Doshin-the-Giant-1-300x300.png HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 121298
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=181508
content-disposition: inline; filename="Doshin-the-Giant-1-300x300.webp"
etag: "650ef40e-2c504"
expires: Sat, 10 Aug 2024 20:51:48 GMT
last-modified: Sat, 23 Sep 2023 14:19:58 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 783920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HikU6pMGILt9JDR%2FtVuLmQP1VrT%2FUcrH8W0YpGMLahm71g38lNyXlio9DuvzjFGRWmt59tTCR5xNXHLK3DUAjAonWXR0YssWfuo7csRZ06ErdLS0%2F3uHr%2FkNRijZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e070afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/09/F-Zero-X-Expansion-Kit-300x300.jpeg

104.26.12.236

200 OK

14 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/09/F-Zero-X-Expansion-Kit-300x300.jpeg
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
14 kB (14358 bytes)
Hash
4d8883b32520309bc5410e96b802d229
24d3a2a1e9180ee5619a004d0804e2de8fdb1f05
a3127feeddcfe4b1f5325c3ec7f50e98bce6e94cc171e591ede0374a70e5a852

HTTP Headers

GET /wp-content/uploads/2023/09/F-Zero-X-Expansion-Kit-300x300.jpeg HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 14358
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=18063
content-disposition: inline; filename="F-Zero-X-Expansion-Kit-300x300.webp"
etag: "650ef4a5-468f"
expires: Sat, 10 Aug 2024 20:51:48 GMT
last-modified: Sat, 23 Sep 2023 14:22:29 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 783920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UABZKgsJ0Ry%2BXRaanTaeuzjZ2t%2Bgszg4%2FkL84vztY4QFZGiJ1qYX7FA4OSZf85s0yzXNPdWHxcapEeRDIhoz56D9NM0JrvQKwpUa%2B6woHzQs59bsrUOzHoJmBq8a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e080afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/09/J.League-Live-64-300x421.jpg

104.26.12.236

200 OK

32 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/09/J.League-Live-64-300x421.jpg
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x421, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32548 bytes)
Hash
803afd7d0637d15a98fea2450c1b07c4
cf5c245020efb52558651c894dc819b6bb2c53f9
878cd2d7fc83d59da4789aaf79b80f2d42cdd0a03ff30c9da1267fea9c47cd90

HTTP Headers

GET /wp-content/uploads/2023/09/J.League-Live-64-300x421.jpg HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 32548
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=36762
content-disposition: inline; filename="J.webp"
etag: "64fb296f-8f9a"
expires: Mon, 12 Aug 2024 22:18:22 GMT
last-modified: Fri, 08 Sep 2023 14:02:23 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 605925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mYkCWu1KwTvLvHM964ptMVbClbqLggq57OFb8K34gjpZtA3I1ISLmutZJYmmseF864V5JF46m%2BcORs858QcZ%2FXb739w2DyQvcv%2BWr%2B5ajoiNFM6z53TAboCu%2F9Zz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e0b0afa-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
518e6f4b653879f86c4dfbdfd3e37ccf
155ac7a6133ea7ecbc5d983e14c0d83369f6b662
2135725772ad516923a8d295f477d22cdf5317294615fcd8dc269a961601fa8d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 22:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-89527130-9

142.250.74.168

200 OK

76 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-89527130-9
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB3:23:88:EF:34:69:5A:0C:81:CE:02:E2:E3:19:FE:95:71:75:A1:14
ValidityMon, 24 Jun 2024 06:35:05 GMT - Mon, 16 Sep 2024 06:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
76 kB (76361 bytes)
Hash
ea5f22409458fa6925d80d0503545497
5b67d8c0b5ef81e98a160f449734f5ac76e7d9e5
b7a277aa97165b6e6288af6e342b358f561d65368511ba9376c717e840b9f50f

HTTP Headers

GET /gtag/js?id=UA-89527130-9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Jul 2024 22:37:08 GMT
expires: Sat, 20 Jul 2024 22:37:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 20 Jul 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dt3y1f1i1disy.cloudfront.net/?ifytd=1058666

143.204.42.163

200 OK

69 kB

URL GET HTTP/2
dt3y1f1i1disy.cloudfront.net/?ifytd=1058666
IP
143.204.42.163:443
ASN
#16509 AMAZON-02

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
69 kB (69356 bytes)
Hash
4f232ab04e4b4354666bfb0630d1d7ac
a069c6769df9d1d7bc2ebbfa6f8daca02282dbd3
cbe251b8f0978c44942446ba46729e1f5df45b36a57d62569c85af60bcaa640c

HTTP Headers

GET /?ifytd=1058666 HTTP/1.1
Host: dt3y1f1i1disy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 69356
date: Sat, 20 Jul 2024 22:37:08 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XBjZLfHnsVuTXhs29K_h0GuYXa2DVcoJvVF1E6jExEOxM9wUVfJ1MQ==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
518e6f4b653879f86c4dfbdfd3e37ccf
155ac7a6133ea7ecbc5d983e14c0d83369f6b662
2135725772ad516923a8d295f477d22cdf5317294615fcd8dc269a961601fa8d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 22:37:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c

142.250.74.168

200 OK

92 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB3:23:88:EF:34:69:5A:0C:81:CE:02:E2:E3:19:FE:95:71:75:A1:14
ValidityMon, 24 Jun 2024 06:35:05 GMT - Mon, 16 Sep 2024 06:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
92 kB (91793 bytes)
Hash
89569f010a214123ff0b8221f2e4df96
1193ad20f7c33de66aa3e2472daa2f257db01e1a
d5a7f74f1d63de37550fe40b7199d99b415b0a20c01870bd4eff753587f5a4f5

HTTP Headers

GET /gtag/js?id=G-CXR95QZ9B0&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Jul 2024 22:37:08 GMT
expires: Sat, 20 Jul 2024 22:37:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.12.236

302 Found

0 B

URL GET HTTP/2
romsfun.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 20 Jul 2024 22:37:09 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
cache-control: max-age: 300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9D3d%2Bn6skoF92ctXpKf8MYSTKOCQFIbhuE3pf7ub1HKfihbmvUaU0LiI7wVsvDUBYqMS%2FvpJO4SUl4l%2BLhZZaesUHTQ4ggZy%2BS%2Blj%2F5yeLTOCeWgsTgq9riO7ut"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a666f234ffe0afa-OSL
X-Firefox-Spdy: h2

beliketheappyri.info/cHZ0WDRfSRcrCSkhF2hlGhImAEMIDzY0XBY3LDt2JkdMFlcHQlIsXRRLRWgBSEBCbhIAHxBlBVYFADlABQVJaRIZGBI3CVYASWkaQ0JaawJeQlItCUFQAChVF0tFfkQEAhhlBUdERW0FRUZGYAxJRA

104.21.44.153

204 No Content

0 B

URL GET HTTP/2
beliketheappyri.info/cHZ0WDRfSRcrCSkhF2hlGhImAEMIDzY0XBY3LDt2JkdMFlcHQlIsXRRLRWgBSEBCbhIAHxBlBVYFADlABQVJaRIZGBI3CVYASWkaQ0JaawJeQlItCUFQAChVF0tFfkQEAhhlBUdERW0FRUZGYAxJRA
IP
104.21.44.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerLet's Encrypt
Subjectbeliketheappyri.info
Fingerprint6F:F2:A9:B8:9A:56:D4:88:8A:37:CD:39:33:4A:6E:16:B5:6D:40:05
ValidityThu, 30 May 2024 09:44:23 GMT - Wed, 28 Aug 2024 09:44:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cHZ0WDRfSRcrCSkhF2hlGhImAEMIDzY0XBY3LDt2JkdMFlcHQlIsXRRLRWgBSEBCbhIAHxBlBVYFADlABQVJaRIZGBI3CVYASWkaQ0JaawJeQlItCUFQAChVF0tFfkQEAhhlBUdERW0FRUZGYAxJRA HTTP/1.1
Host: beliketheappyri.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 20 Jul 2024 22:37:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bmunZciXvyjuKfssRwueesx3RdxpOIWnLL6qnTRa5o%2B5q%2F6H1nPUoCV8gxsE8SDKjq4nS6neg0e9h8RUNKQTc9qyC44oR6UG9LcquESGRh78RlzECDdI3ddHa9iYSFtBSfjliDBlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f232e4956b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

beliketheappyri.info/c3YzNjFcSVBFDCkyaXRTQQ5hcgIhF2tgcDIVAgNoJhEGBmZCJxVCWBdLAgYES08DBBcDH1cLAEtQQEJQBwNACwBVH11QXk5QRQsAXUYdBB9GUEYLAFUCQ1dWTkcVRkUHGg4HBkFHBgcEQ0QLDwNC

104.21.44.153

204 No Content

0 B

URL GET HTTP/2
beliketheappyri.info/c3YzNjFcSVBFDCkyaXRTQQ5hcgIhF2tgcDIVAgNoJhEGBmZCJxVCWBdLAgYES08DBBcDH1cLAEtQQEJQBwNACwBVH11QXk5QRQsAXUYdBB9GUEYLAFUCQ1dWTkcVRkUHGg4HBkFHBgcEQ0QLDwNC
IP
104.21.44.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerLet's Encrypt
Subjectbeliketheappyri.info
Fingerprint6F:F2:A9:B8:9A:56:D4:88:8A:37:CD:39:33:4A:6E:16:B5:6D:40:05
ValidityThu, 30 May 2024 09:44:23 GMT - Wed, 28 Aug 2024 09:44:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c3YzNjFcSVBFDCkyaXRTQQ5hcgIhF2tgcDIVAgNoJhEGBmZCJxVCWBdLAgYES08DBBcDH1cLAEtQQEJQBwNACwBVH11QXk5QRQsAXUYdBB9GUEYLAFUCQ1dWTkcVRkUHGg4HBkFHBgcEQ0QLDwNC HTTP/1.1
Host: beliketheappyri.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 20 Jul 2024 22:37:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QuA%2FYDbeAayeQ%2BA%2FFvy%2Boc2W4F4KWGaJ9avs%2Bf6wusAAkafgRkhDJ7hzH3VnclZNlGLOEyDSITpxzr4l4Tn5R4bKcw1KJ0CGJFO8mykcQ2Fr%2BM1T%2Bg67sBz7vBUlrBiuRNvQ3pa35g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f234e5656b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ndaspiratiotyukn.com/dTBpcjIUUgofDRQNC1RHB1xUVwAzFVs0VgEDEENURFlYFlsGSUcRXhpFDRRAGl4dXFwQRExAdD1TLRpoIAI4JmQPU1glRSdiOSUHI2EoQ1ovZiM1ehxbATNgLHYiCEU/cVhGQSVlBiZkD2JYNlU7aCcLfC93OEJnOkgeOFMfRwojVSdzOSUHIGYFIwYlYSc8eh9HUDACRXoPCHs0dQ4kRhFiKDNkD3ocNEo7ZiI2ezN1PAEKOFsgNGUiYUxAcDZHGSB8IQgvJGMaVjMZQjR4PgZYIXEOOFM9ajE/WkRCMAVVL2YABUAkZSA7eyJEOj5FQEQNHlEMeD5fRh92DitWFFgjFmAdahkXWTNzKjYGR3IRBmoTdywbYxJYBisDJ3IqNVpHZgIwVzhzLDB0GVMBFl4sAiglC0xmLyh8L3cgVFgGXwcCDxwFJBpKDGIMPQ

3.164.230.115

200 OK

1.2 kB

URL GET HTTP/2
ndaspiratiotyukn.com/dTBpcjIUUgofDRQNC1RHB1xUVwAzFVs0VgEDEENURFlYFlsGSUcRXhpFDRRAGl4dXFwQRExAdD1TLRpoIAI4JmQPU1glRSdiOSUHI2EoQ1ovZiM1ehxbATNgLHYiCEU/cVhGQSVlBiZkD2JYNlU7aCcLfC93OEJnOkgeOFMfRwojVSdzOSUHIGYFIwYlYSc8eh9HUDACRXoPCHs0dQ4kRhFiKDNkD3ocNEo7ZiI2ezN1PAEKOFsgNGUiYUxAcDZHGSB8IQgvJGMaVjMZQjR4PgZYIXEOOFM9ajE/WkRCMAVVL2YABUAkZSA7eyJEOj5FQEQNHlEMeD5fRh92DitWFFgjFmAdahkXWTNzKjYGR3IRBmoTdywbYxJYBisDJ3IqNVpHZgIwVzhzLDB0GVMBFl4sAiglC0xmLyh8L3cgVFgGXwcCDxwFJBpKDGIMPQ
IP
3.164.230.115:443
ASN
#0

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerAmazon
Subjectndaspiratiotyukn.com
Fingerprint9A:D3:E5:04:6B:7B:4E:6D:F5:35:F7:FD:2B:BC:E3:52:F4:B0:60:C7
ValidityTue, 18 Jun 2024 00:00:00 GMT - Thu, 17 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3034), with no line terminators
Size
1.2 kB (1186 bytes)
Hash
898e4e03508766416eee7f21047ba471
263404371cddaddd3aa86c114f7ed4cdcf9791ff
6bc15f7d83616dc01f0f4bc5875348d2d3bf2219850355f13bf84b809ec4cf12

HTTP Headers

GET /dTBpcjIUUgofDRQNC1RHB1xUVwAzFVs0VgEDEENURFlYFlsGSUcRXhpFDRRAGl4dXFwQRExAdD1TLRpoIAI4JmQPU1glRSdiOSUHI2EoQ1ovZiM1ehxbATNgLHYiCEU/cVhGQSVlBiZkD2JYNlU7aCcLfC93OEJnOkgeOFMfRwojVSdzOSUHIGYFIwYlYSc8eh9HUDACRXoPCHs0dQ4kRhFiKDNkD3ocNEo7ZiI2ezN1PAEKOFsgNGUiYUxAcDZHGSB8IQgvJGMaVjMZQjR4PgZYIXEOOFM9ajE/WkRCMAVVL2YABUAkZSA7eyJEOj5FQEQNHlEMeD5fRh92DitWFFgjFmAdahkXWTNzKjYGR3IRBmoTdywbYxJYBisDJ3IqNVpHZgIwVzhzLDB0GVMBFl4sAiglC0xmLyh8L3cgVFgGXwcCDxwFJBpKDGIMPQ HTTP/1.1
Host: ndaspiratiotyukn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1186
date: Sat, 20 Jul 2024 22:37:09 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 cdd16a503d54c28f3f13bc34669e77be.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: yrxWsUow2l47u2oQTxtKMwBqXkft5Ysayhg8_oQSZd5JP_ccxRlOQw==
X-Firefox-Spdy: h2

getrunkhomuto.info/VW92UTk0DRU8BjRSFHdMJwNLdAsTSkQXXSFcD2BfZAZHNVAmFlgyVToaEjdLOgECf1cwG1NjfwciGxtYNys8A30BPj0VbAwjJj18ES4aNVADPj8QaxYAEwcIBwk9EHczPicATxQHDgN9AQs9BnwQITgTTgU6Rx9LEjckFnMECEcXfAw2Jj18Fik3ZQ4UAyMBaxFXNQRobDsQEAgCOjBoTAYEEgVhLwwyAn8mIDg2CQ0uNQNPBAg/CWwSHzMCXhs7EGAAIilHE0gUKQIyfywlPBB4HA4vPUkhLTALHGcpLmJ4DToxPlwHLRIDfmQ6Mxl/HxUlAHgWLSJ8AQU4IGBxNCwZEHg5IQcJeBgsI2IAMC4aAHUeLhoEYQcfU2N/DQEnHW8dPRUXfDEJFyYfPxwZP0loDkdgTBMbMQNg

52.85.243.99

200 OK

1.2 kB

URL GET HTTP/2
getrunkhomuto.info/VW92UTk0DRU8BjRSFHdMJwNLdAsTSkQXXSFcD2BfZAZHNVAmFlgyVToaEjdLOgECf1cwG1NjfwciGxtYNys8A30BPj0VbAwjJj18ES4aNVADPj8QaxYAEwcIBwk9EHczPicATxQHDgN9AQs9BnwQITgTTgU6Rx9LEjckFnMECEcXfAw2Jj18Fik3ZQ4UAyMBaxFXNQRobDsQEAgCOjBoTAYEEgVhLwwyAn8mIDg2CQ0uNQNPBAg/CWwSHzMCXhs7EGAAIilHE0gUKQIyfywlPBB4HA4vPUkhLTALHGcpLmJ4DToxPlwHLRIDfmQ6Mxl/HxUlAHgWLSJ8AQU4IGBxNCwZEHg5IQcJeBgsI2IAMC4aAHUeLhoEYQcfU2N/DQEnHW8dPRUXfDEJFyYfPxwZP0loDkdgTBMbMQNg
IP
52.85.243.99:443
ASN
#16509 AMAZON-02

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerAmazon
Subjectgetrunkhomuto.info
Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E
ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3013), with no line terminators
Size
1.2 kB (1167 bytes)
Hash
51de86cc002af061b7773c7410618ee7
e53529277f67e26b3034efa014706ca91c2b2e29
9466af4203be96188c5684e20777d489815f967cc100146f5ae08387a5d881c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /VW92UTk0DRU8BjRSFHdMJwNLdAsTSkQXXSFcD2BfZAZHNVAmFlgyVToaEjdLOgECf1cwG1NjfwciGxtYNys8A30BPj0VbAwjJj18ES4aNVADPj8QaxYAEwcIBwk9EHczPicATxQHDgN9AQs9BnwQITgTTgU6Rx9LEjckFnMECEcXfAw2Jj18Fik3ZQ4UAyMBaxFXNQRobDsQEAgCOjBoTAYEEgVhLwwyAn8mIDg2CQ0uNQNPBAg/CWwSHzMCXhs7EGAAIilHE0gUKQIyfywlPBB4HA4vPUkhLTALHGcpLmJ4DToxPlwHLRIDfmQ6Mxl/HxUlAHgWLSJ8AQU4IGBxNCwZEHg5IQcJeBgsI2IAMC4aAHUeLhoEYQcfU2N/DQEnHW8dPRUXfDEJFyYfPxwZP0loDkdgTBMbMQNg HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1167
date: Sat, 20 Jul 2024 22:37:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 23c0f38b3232ce0b791a0dc79e0ef642.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: yScfT0RPLSNGSP4oNwTHn-LMp90gNO9ybNVEh6YJ3Z2yHC9c33fIMw==
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2021/04/rom.png

104.26.12.236

200 OK

2.2 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2021/04/rom.png
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2190 bytes)
Hash
1b5e7bd99bf310a9d5575beb97666a3c
73b50e331febba5ff84766c56fa588f84db4e4b0
bb96f443457bf44cd8eee169af1332c830091ed89861e4365895181734eee316

HTTP Headers

GET /wp-content/uploads/2021/04/rom.png HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: image/webp
content-length: 2190
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2591
content-disposition: inline; filename="rom.webp"
etag: "617d7bd1-a1f"
expires: Fri, 16 Aug 2024 21:09:47 GMT
last-modified: Sat, 30 Oct 2021 17:07:29 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 264442
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnHYIJRc7b6K6ib%2FNI35m9kMU1vGpttzwD94PC7QUm85IYrI6vtLMpBgq8%2FtjyClUhwM1EfiOMSw%2B%2F83UyvEHDqp0%2BHqx2oPC5BxVQaRyVamQu9D4Fsj1EPBlN3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f24b8ef0afa-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4676d6651de4496c787f16cc7d33577
cc7031cb2f08500a0b20842fcea7519b86910638
af2d83a9d8d20dd17dfa2fae7221834cdc9f4aab9c2aa929f2b5313ed734e22b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 22:37:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

romsfun.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a666f1dcca30afa

104.26.12.236

200 OK

0 B

URL POST HTTP/2
romsfun.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a666f1dcca30afa
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8a666f1dcca30afa HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12169
Origin: https://romsfun.com
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.romsfun.com; HttpOnly; Secure; SameSite=None
cf_clearance=38UXAEhaKmpT6PrOtFe7Wu91Fh7pVlorGy9Bfsgk9Ig-1721515029-1.0.1.1-7vt3x9JBj67O3ZWGVKRz6NM8XASvNhmMLx7Bcpf8GllO1CQ9GhmtZ.z1QBgCu.6V_csxWmhokJHjzFcxGeBaXA; Path=/; Expires=Sun, 20-Jul-25 22:37:09 GMT; Domain=.romsfun.com; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIx8xT0LbKcWKl%2FiLhUchQRwXJjOUNxdJ%2FyEE5oWjfP6E67YZ8x%2FRCAD6GaH%2FWm%2FPL4cGnHBUpSXhx0S5jSPrMACFTezIVYyGTbwiUe0Kq7eIVrcM5FOFIClCWzt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f25392b0afa-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4676d6651de4496c787f16cc7d33577
cc7031cb2f08500a0b20842fcea7519b86910638
af2d83a9d8d20dd17dfa2fae7221834cdc9f4aab9c2aa929f2b5313ed734e22b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 22:37:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

209.85.233.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintE2:52:AA:6E:92:43:2F:32:CB:C1:B1:82:05:66:27:C2:39:65:26:78
ValidityMon, 24 Jun 2024 07:42:42 GMT - Mon, 16 Sep 2024 07:42:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:gWreQ-UESluD-Pjpq70GSbbqiLL0cA:_oIagnPCIhAu7pgu; Expires=Mon, 20-Jul-2026 22:37:09 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I74XjdosGimRHbMN-AZckAARAViqpQPKc5hyaZwyqpUr6dCmoIZG_cqxVlEjNUDdil1w2iwiRA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-rpB7tAALmnxXp0uIMYtemA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

209.85.233.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintE2:52:AA:6E:92:43:2F:32:CB:C1:B1:82:05:66:27:C2:39:65:26:78
ValidityMon, 24 Jun 2024 07:42:42 GMT - Mon, 16 Sep 2024 07:42:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:6GIi2LzXDwBoUTC1JVmVQMfEFi0x9A:hnPjoQeHkjsWttlM; Expires=Mon, 20-Jul-2026 22:37:09 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I75wWRJVFh3IgGKpGyrLEpz3CcB7QztVfeJk7hlQ1PaohNn-1EB4UouDT0CqS95ez2M6nPXSUA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-A-Jve63mQsmDt9Kkft1mnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I74XjdosGimRHbMN-AZckAARAViqpQPKc5hyaZwyqpUr6dCmoIZG_cqxVlEjNUDdil1w2iwiRA

209.85.233.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I74XjdosGimRHbMN-AZckAARAViqpQPKc5hyaZwyqpUr6dCmoIZG_cqxVlEjNUDdil1w2iwiRA
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintE2:52:AA:6E:92:43:2F:32:CB:C1:B1:82:05:66:27:C2:39:65:26:78
ValidityMon, 24 Jun 2024 07:42:42 GMT - Mon, 16 Sep 2024 07:42:41 GMT

File type
HTML document, ASCII text, with very long lines (389)
Size
419 B (419 bytes)
Hash
1de352502aba91fe30d4920e02dd1539
c12ea3d879dfe294dfb8c3b80305faa7c22127a3
54388e29045c7fc0da8158095171edb18b8c2770631e06510cb32bd976d778f4

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I74XjdosGimRHbMN-AZckAARAViqpQPKc5hyaZwyqpUr6dCmoIZG_cqxVlEjNUDdil1w2iwiRA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:9Z62HTT9RCJB9tAJ1C68dFSAJVc5_Q:qduqPUdXDn64mou5;Path=/;Expires=Mon, 20-Jul-2026 22:37:09 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76NzlfLVWiDKLFFc-6D8Opw6EPrGkUs_n-v1ZU9y8Kejt6QBko14OIKvZwGips6oBL07A1biA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151462727%3A1721515029422126&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-DhfulIN2chYNZe6Zg7u__g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a8f22dbe4efeb2eb57de7d47d04337a8
4a95482b20ea50c4d6de169adc042e8ebff32023
287c8356108b54286b6b02bc9d3cf07d6817ec17c6a981c3cc877854fdd0f5be

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 Jul 2024 22:37:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dt3y1f1i1disy.cloudfront.net/HcDhZU2QTVzc1WwRRPW5VQA1hZVJGHikhARYFKzwJA14sPUoTVzR1DgNXNyNZGQ0UOxwJajwcQgRCPW5UVlQ4PQNNHjw9B00JfzIAEgVtdRAAVzJuFxNVKDIFEUs8MkIFWWQ+CwpRNT8FVQofZkpAHWtjTAgJaHZXMh1rYwgZViwrQUIIIWtSLw5tdlcyHW-tjFgYdahJdRhZpekFCCD42BxtXfGEiQghoY1RBCGh2VkBeMCEBFlchdlY2AW99VFZNZGI

143.204.42.163

583 B

URL
dt3y1f1i1disy.cloudfront.net/HcDhZU2QTVzc1WwRRPW5VQA1hZVJGHikhARYFKzwJA14sPUoTVzR1DgNXNyNZGQ0UOxwJajwcQgRCPW5UVlQ4PQNNHjw9B00JfzIAEgVtdRAAVzJuFxNVKDIFEUs8MkIFWWQ+CwpRNT8FVQofZkpAHWtjTAgJaHZXMh1rYwgZViwrQUIIIWtSLw5tdlcyHW-tjFgYdahJdRhZpekFCCD42BxtXfGEiQghoY1RBCGh2VkBeMCEBFlchdlY2AW99VFZNZGI
IP
143.204.42.163:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
583 B (583 bytes)
Hash
21e52642240a18a89b58bb2482e8e79e
67c2f8c838b263e0c091b90c2203ea66989874b3
2cf665dbc6e8982370074ec321f10a967b9293214071aa30fcb0ea56a1590525

HTTP Headers

GET /HcDhZU2QTVzc1WwRRPW5VQA1hZVJGHikhARYFKzwJA14sPUoTVzR1DgNXNyNZGQ0UOxwJajwcQgRCPW5UVlQ4PQNNHjw9B00JfzIAEgVtdRAAVzJuFxNVKDIFEUs8MkIFWWQ+CwpRNT8FVQofZkpAHWtjTAgJaHZXMh1rYwgZViwrQUIIIWtSLw5tdlcyHW-tjFgYdahJdRhZpekFCCD42BxtXfGEiQghoY1RBCGh2VkBeMCEBFlchdlY2AW99VFZNZGI HTTP/1.1
Host: dt3y1f1i1disy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ndaspiratiotyukn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 583
date: Sat, 20 Jul 2024 22:37:09 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gTemgwZj0ouh_jgCCFT9G6XgWPbdlnfVwai9CPHBfIFO-4ZpSpCo3g==
X-Firefox-Spdy: h2

dt3y1f1i1disy.cloudfront.net/RMmJabDJRDTQKDUYLPlEDAldiVQIARCoeV1RfKANfQQQvAhxRDTdKWEENNBwPU1NrGXRGJQg1FEYYPlECFA47AlUPRD8CUQ9TfA1WUF9uSkdTXzcDSFsONg0XACRvQgIXUGpESgNTf19wF1BqAFtcFyJJAAIaYlptBFZ/X3AXUGoeRBdRG1UEHFJzSQACBT-8PWV1HaCoAAlNqXAMCU39eAlQLKAlUXRp/XnQLVHRcFEdfaw

143.204.42.163

192 B

URL
dt3y1f1i1disy.cloudfront.net/RMmJabDJRDTQKDUYLPlEDAldiVQIARCoeV1RfKANfQQQvAhxRDTdKWEENNBwPU1NrGXRGJQg1FEYYPlECFA47AlUPRD8CUQ9TfA1WUF9uSkdTXzcDSFsONg0XACRvQgIXUGpESgNTf19wF1BqAFtcFyJJAAIaYlptBFZ/X3AXUGoeRBdRG1UEHFJzSQACBT-8PWV1HaCoAAlNqXAMCU39eAlQLKAlUXRp/XnQLVHRcFEdfaw
IP
143.204.42.163:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
192 B (192 bytes)
Hash
e61f06f60baa12e1a8c14beeeb0155cf
ec0b6c7d844446affe32f16a436d639df52fc046
e27e0d96a0d19384aa8c62d23c86975707668d199b88f3a39ce5c73c68e703ec

HTTP Headers

GET /RMmJabDJRDTQKDUYLPlEDAldiVQIARCoeV1RfKANfQQQvAhxRDTdKWEENNBwPU1NrGXRGJQg1FEYYPlECFA47AlUPRD8CUQ9TfA1WUF9uSkdTXzcDSFsONg0XACRvQgIXUGpESgNTf19wF1BqAFtcFyJJAAIaYlptBFZ/X3AXUGoeRBdRG1UEHFJzSQACBT-8PWV1HaCoAAlNqXAMCU39eAlQLKAlUXRp/XnQLVHRcFEdfaw HTTP/1.1
Host: dt3y1f1i1disy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getrunkhomuto.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 192
date: Sat, 20 Jul 2024 22:37:09 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KdkEmgECkY_4yb9Fdq2k-AmUlLiZcfaPbf1bDnvzeDH4pNcfw_2ANw==
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I75wWRJVFh3IgGKpGyrLEpz3CcB7QztVfeJk7hlQ1PaohNn-1EB4UouDT0CqS95ez2M6nPXSUA

209.85.233.84

302 Found

423 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I75wWRJVFh3IgGKpGyrLEpz3CcB7QztVfeJk7hlQ1PaohNn-1EB4UouDT0CqS95ez2M6nPXSUA
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint0B:28:0E:1B:FF:FC:C8:1B:AF:D7:4E:50:F3:EE:75:59:BB:D5:46:24
ValidityMon, 24 Jun 2024 06:35:44 GMT - Mon, 16 Sep 2024 06:35:43 GMT

File type
HTML document, ASCII text, with very long lines (393)
Size
423 B (423 bytes)
Hash
24c34415704b47e0efdc3cf4e2d1405c
fe5a030fd4c48fb218f77cd87b3e82feaad44354
5724ae1aa42cf0b88df2cc2348ae236b94b89107b6fc9e8e157b39b6ecc7d643

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I75wWRJVFh3IgGKpGyrLEpz3CcB7QztVfeJk7hlQ1PaohNn-1EB4UouDT0CqS95ez2M6nPXSUA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ajcCip3HpmPu3i__0VfHmYF2HUQmLw:c7ERXZ7EXCZYbjMR;Path=/;Expires=Mon, 20-Jul-2026 22:37:09 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I75e_ljWbyEdYQIcIiODjmcqYRdhB97uSoz2MTy1yPSRcDjNIOjKGOYBmkCFvd9Sbk9dNXxnVA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705564429%3A1721515029580744&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-cQK26HQeotA7s8k6iUCHQw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

beliketheappyri.info/popunder.gif

104.21.44.153

58 B

URL GET
beliketheappyri.info/popunder.gif
IP
104.21.44.153:0
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerLet's Encrypt
Subjectbeliketheappyri.info
Fingerprint6F:F2:A9:B8:9A:56:D4:88:8A:37:CD:39:33:4A:6E:16:B5:6D:40:05
ValidityThu, 30 May 2024 09:44:23 GMT - Wed, 28 Aug 2024 09:44:22 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: beliketheappyri.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 49269
last-modified: Sat, 20 Jul 2024 08:56:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSa%2BITgMDOPEhNJiWhSl9HTNG3xeK0Yuk6LVTOIuIMjjsgf1VUXHd7ZdjyHNwe%2FueHJ71aAzFVX1Khe2TIPLqjczixNHoQsVRj2oPD8O4nK5wRfbiX5lEyNrQVup5CkmYmdTjQiI%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a666f295f89b51d-OSL
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Sat, 20 Jul 2024 23:43:41 GMT
Date: Sat, 20 Jul 2024 22:37:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Sat, 20 Jul 2024 23:43:41 GMT
Date: Sat, 20 Jul 2024 22:37:10 GMT
Connection: keep-alive

pogothere.xyz/

188.114.97.1

200 OK

533 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
ASCII text, with no line terminators
Size
533 B (533 bytes)
Hash
e85565812a6ac3afc8d40e1c131ede1a
14ab5589cedd7d1e98627bdf257d63e01c0a6b5c
146088f127c0c20978dbb480b5bf9442d61ea24a110788c9d061c8e21e48ea89

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
Origin: https://romsfun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: text/plain
set-cookie: csu=1145408517647703@1@1721515029; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://romsfun.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQJhauWArwTQAIRfjKZIRJs1fjGG2MjUOYAA8UKi1dr0kXw6A5U4N5k69WGE5qnnvGk4LBXGUn6uRkJm2a0VJO9a5qxuNJfnDnllGW%2BJ9eLwBlwy7JvG6jlHBykfgS%2F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f252ff87127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9041c7b14ed56a170760ee187e59cb3d
4334c89d4af87a7d10b7cfd712cf6494bcbf2f04
da6d4b1554585f827dbf6b29b44389dc9d1b7ea24ac0bc5b078dcc7fc5c4e148

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DA6D4B1554585F827DBF6B29B44389DC9D1B7EA24AC0BC5B078DCC7FC5C4E148"
Last-Modified: Thu, 18 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Sat, 20 Jul 2024 23:43:41 GMT
Date: Sat, 20 Jul 2024 22:37:10 GMT
Connection: keep-alive

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76NzlfLVWiDKLFFc-6D8Opw6EPrGkUs_n-v1ZU9y8Kejt6QBko14OIKvZwGips6oBL07A1biA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151462727%3A1721515029422126&ddm=0

209.85.233.84

403 Forbidden

11 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76NzlfLVWiDKLFFc-6D8Opw6EPrGkUs_n-v1ZU9y8Kejt6QBko14OIKvZwGips6oBL07A1biA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151462727%3A1721515029422126&ddm=0
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint0B:28:0E:1B:FF:FC:C8:1B:AF:D7:4E:50:F3:EE:75:59:BB:D5:46:24
ValidityMon, 24 Jun 2024 06:35:44 GMT - Mon, 16 Sep 2024 06:35:43 GMT

File type
gzip compressed data, max compression
Size
11 kB (11121 bytes)
Hash
d95f4d6205984c637323fc7abc0675ee
e6590484f13319aa77a06443172523a18a40362e
2576e376a775a073e1b5d450ce1d9073202ad8fb02700e81234edb4f94ddeca0

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I76NzlfLVWiDKLFFc-6D8Opw6EPrGkUs_n-v1ZU9y8Kejt6QBko14OIKvZwGips6oBL07A1biA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S151462727%3A1721515029422126&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-vjp5NO4FpjD5cNFxWzat3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.eYsuAVAG7Kg.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

romsfun.com/wp-content/themes/romsfun/css/bootstrap.min.css?ver=1.5

104.26.12.236

200 OK

169 kB

URL GET HTTP/2
romsfun.com/wp-content/themes/romsfun/css/bootstrap.min.css?ver=1.5
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
ASCII text, with very long lines (65320)
Size
169 kB (169277 bytes)
Hash
f37a5fc394c57adb0d496fafa36c853a
b5d853a78f414638b61e6cbb3ff213664d4560e1
c1af6f48ed850aaf28e93595d93ad9a1df6a8ca49b312b949295acd356a87c42

HTTP Headers

GET /wp-content/themes/romsfun/css/bootstrap.min.css?ver=1.5 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: text/css
last-modified: Fri, 17 Nov 2023 06:56:04 GMT
vary: Accept-Encoding
etag: W/"65570e84-2953d"
expires: Sun, 04 Aug 2024 09:05:22 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 1344706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiLGRsV6qinWZKw6mzalh8COpQbKgHfifuKnZU3Ca49slSnQxY7tZFC4lToSRoqnzZv8cmBKjp4ZGtzr8p4V0KISpCVxcthyCl6AjV14%2Ba%2Ff%2FC2zux2iXuesSZFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201de40afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/uploads/2023/09/Animal-Forest-300x169.jpeg

104.26.12.236

200 OK

8.3 kB

URL GET HTTP/2
romsfun.com/wp-content/uploads/2023/09/Animal-Forest-300x169.jpeg
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x169, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.3 kB (8318 bytes)
Hash
7f4e54d8a7242dae8dbd9cedaa101706
13673b45e1b405e018807c61f22bf5f9f3261710
5455c6b26b511b3c231a3957f42e521184924f94cb69e267f8c5cbb3f60b676b

HTTP Headers

GET /wp-content/uploads/2023/09/Animal-Forest-300x169.jpeg HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: image/webp
content-length: 8318
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10728
content-disposition: inline; filename="Animal-Forest-300x169.webp"
etag: "650ef116-29e8"
expires: Tue, 13 Aug 2024 08:10:32 GMT
last-modified: Sat, 23 Sep 2023 14:07:18 GMT
pragma: public
vary: Accept
cf-cache-status: HIT
age: 570396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hv8f7GkK8HF5hVTwviKybJFczXR6eTA51Wj8NbdJR23l7wGgB1Yg8EtcF34pwInLo2A1oTCQCz12WjxqLWe8R2CAXI%2FnNOyUmr99qlm6QftWpzm4MJeDXJ5cTQes"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201df20afa-OSL
X-Firefox-Spdy: h2

romsfun.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

104.26.12.236

200 OK

7.9 kB

URL GET HTTP/2
romsfun.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7872), with no line terminators
Size
7.9 kB (7872 bytes)
Hash
9d95a93fcaab2df7529b3bb06a882b64
7a687131b0d4b2d5308fea3ec74efd2c1d80d6ba
49f8a5534f6b062f76af5d9effc7c575f37fbb481eda341a7673287712e53709

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js? HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtYXhO8B0XpK4yyiuWV6zqgRurzDVEBoTjUuAv037oMTJM%2BvkNn2NzOozdlPjnDiagUgjgw5wlWpLbF%2FlCdGNT9ufi8OX6Bg6uV3U91ZQqTySzyY9ET7gZLbQcUN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a666f2368270afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-includes/css/dist/block-library/style.css?ver=6.6

104.26.12.236

200 OK

112 kB

URL GET HTTP/2
romsfun.com/wp-includes/css/dist/block-library/style.css?ver=6.6
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type

Size
112 kB (112353 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.css?ver=6.6 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=120688
etag: W/"6697f094-1d770"
expires: Fri, 16 Aug 2024 16:28:35 GMT
last-modified: Wed, 17 Jul 2024 16:25:56 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 281313
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vhmEg3cjPue3WxNICN3aFN24w4ixj55lRzMZJgpqcNM5CRUpnSyCWtJk8g9XzYTyAcCBxxjPmEICPpytdVdwAMN0pxaQRhsnNPnora8j2TzM%2FKJIw986Ckj9Ght"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f200de20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-content/themes/romsfun/js/site.js?ver=1.5

104.26.12.236

200 OK

7.3 kB

URL GET HTTP/2
romsfun.com/wp-content/themes/romsfun/js/site.js?ver=1.5
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7367), with no line terminators
Size
7.3 kB (7305 bytes)
Hash
866081e4776dc5812b790c57a1888445
7d74714ef202d116b3b984023678674c129a5b42
c4426a3208c9c140cb90a8ce126b12ea2a4c81cac09a696733ac31c958a4d7e5

HTTP Headers

GET /wp-content/themes/romsfun/js/site.js?ver=1.5 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=9269
etag: W/"65570e84-2435"
expires: Mon, 12 Aug 2024 11:20:58 GMT
last-modified: Fri, 17 Nov 2023 06:56:04 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 645370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmjngFpY5OpskMovW1YOPPFgPDU6WO9eC5n5NW6V9AiJQ1AIocSJlSvtrHXpe8YXRcplzCFh1xTTmDjCW8SoisipvNeesK%2BMmgtYZingN0fA7FYZnUgj06z6rCgE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e100afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
FingerprintD5:05:90:24:44:B6:41:18:9C:8A:33:A9:4D:BD:A0:53:55:33:EF:4D
ValiditySat, 25 May 2024 04:51:26 GMT - Fri, 23 Aug 2024 04:51:25 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
Origin: https://romsfun.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://romsfun.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2700
last-modified: Sat, 20 Jul 2024 21:52:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5SKhjg%2FzuFifC2CX8XeOK07fQt2ADqh9q4rQADPcLgtLQCxQNUTuGBEvJAMOdBSlkeLHKLbTsSlzcSl4r6tEzoES3irVYK4AIPjQFt%2FF02Ij3anIBLlLfHTBOT4gow1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a666f252ffa7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

romsfun.com/wp-includes/js/jquery/jquery.js?ver=3.7.1

104.26.12.236

200 OK

141 kB

URL GET HTTP/2
romsfun.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1210)
Size
141 kB (141386 bytes)
Hash
15d149d159697f14f22caca6467e2174
22b596ae7aad63a4118c6304b9e4587b246b80a0
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=3.7.1 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=285334
etag: W/"66573ef8-45a96"
expires: Mon, 12 Aug 2024 11:20:58 GMT
last-modified: Wed, 29 May 2024 14:43:04 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 645370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVHPw4PJyHt2ITfHT2WsdtIcOEtzQvVOCAdyAwVlYfJ45MTUs5byZPTLRhjFlwgqX8g9KLFkPle5PkbAkkelSvnYfDBYe2aXcv%2ByRrth3km0N4GKYQnxmdZ3%2FHbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201de80afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1

104.26.12.236

200 OK

19 kB

URL GET HTTP/2
romsfun.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2434)
Size
19 kB (19183 bytes)
Hash
318a8652a313c02b1d19f46b7ef1e426
afc5e61e6185848646a929a2287386a788870329
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=31978
etag: W/"66573ef8-7cea"
expires: Mon, 12 Aug 2024 11:20:58 GMT
last-modified: Wed, 29 May 2024 14:43:04 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 645370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZZJEq58KGAg%2FUcowtIgUsASJFrtqkNJ8jyR9yDKf5mmuF4UsIf8CLk4GXok25vQF3XtwhJSq1ccoKIKMyE1q3GNf%2BAg2QnFWltNojAJhsnHxmzWS3q4AIIm%2FXFs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201de90afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-content/plugins/wp-rocket/assets/js/lcp-beacon.js

104.26.12.236

200 OK

8.2 kB

URL GET HTTP/2
romsfun.com/wp-content/plugins/wp-rocket/assets/js/lcp-beacon.js
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
ASCII text, with very long lines (8333), with no line terminators
Size
8.2 kB (8200 bytes)
Hash
65a9ae5aaddb9bb0221177b0d9159225
1edf234dc534ff8072885ee40bd7ac95e28c831c
7c9ad0655372c522936142002c1abbdf79915ad7f57d9115ecdeb34eff8ca660

HTTP Headers

GET /wp-content/plugins/wp-rocket/assets/js/lcp-beacon.js HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=10504
etag: W/"669a73fe-2908"
expires: Sun, 18 Aug 2024 14:11:45 GMT
last-modified: Fri, 19 Jul 2024 14:11:10 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 116723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wf5SbWjyzuAXNRkz1W7u%2B7Bx2yX9O5VZJ52YgS6obLEgaSOKpKfuP4xYSkizBhUDsvzxi17oZc4Fx4v0rpOBVVZLgeDUc7%2F%2F7AEiJqtosCnBNnck4YpB7YH2DQXc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e110afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I75e_ljWbyEdYQIcIiODjmcqYRdhB97uSoz2MTy1yPSRcDjNIOjKGOYBmkCFvd9Sbk9dNXxnVA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705564429%3A1721515029580744&ddm=0

209.85.233.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I75e_ljWbyEdYQIcIiODjmcqYRdhB97uSoz2MTy1yPSRcDjNIOjKGOYBmkCFvd9Sbk9dNXxnVA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705564429%3A1721515029580744&ddm=0
IP
209.85.233.84:443
ASN
#15169 GOOGLE

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint0B:28:0E:1B:FF:FC:C8:1B:AF:D7:4E:50:F3:EE:75:59:BB:D5:46:24
ValidityMon, 24 Jun 2024 06:35:44 GMT - Mon, 16 Sep 2024 06:35:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I75e_ljWbyEdYQIcIiODjmcqYRdhB97uSoz2MTy1yPSRcDjNIOjKGOYBmkCFvd9Sbk9dNXxnVA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705564429%3A1721515029580744&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://romsfun.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Jul 2024 22:37:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce--tC9KFwj2IOHMJWZV2vy1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.eYsuAVAG7Kg.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

romsfun.com/wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5

104.26.12.236

200 OK

166 kB

URL GET HTTP/2
romsfun.com/wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type

Size
166 kB (166355 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/romsfun/js/bootstrap.min.js?ver=1.5 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Nov 2023 06:56:04 GMT
vary: Accept-Encoding
etag: W/"65570e84-289d3"
expires: Sun, 04 Aug 2024 09:05:12 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 1344716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LEc%2FBEtInKlsyS5U%2BeP1MACr3iimjf8DepPoa8I9lF5mmShqTHZarYI0IJ%2FRItuEY%2BlLjTlafPrxg%2FlvfcXlSxoYGOMuvSp8OsTr4jkKyFFX8ZUQ1ppo4C74Wv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f202e0f0afa-OSL
X-Firefox-Spdy: h2

romsfun.com/wp-content/themes/romsfun/style.css?ver=1.5

104.26.12.236

200 OK

15 kB

URL GET HTTP/2
romsfun.com/wp-content/themes/romsfun/style.css?ver=1.5
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
ASCII text, with very long lines (14648), with no line terminators
Size
15 kB (14648 bytes)
Hash
fabdfcfad39aca293f739d3922ead311
b33c606f5f516c75eee5d0970358400c94b27524
a6c3ad3689ef34118c6bedae55c05d8f8b60ab6d8fbcb476d514d66ae7dd0f6c

HTTP Headers

GET /wp-content/themes/romsfun/style.css?ver=1.5 HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:08 GMT
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=20512
etag: W/"65846e85-5020"
expires: Thu, 15 Aug 2024 05:08:16 GMT
last-modified: Thu, 21 Dec 2023 16:57:41 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 408532
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0eqkS73zepxnZemM03K9RPfVkcVn2Btspv6GcEG9of%2Fh9WL%2BdmYH8RFiegB%2Fx3Vs4GUGN4pIWabvkNWTEZWychqQMkkGiz8rf%2BlaadGMTiOHIgMNLm5qa4Q8F7P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f201de70afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

romsfun.com/wp-admin/admin-ajax.php

104.26.12.236

200 OK

1.1 kB

URL POST HTTP/2
romsfun.com/wp-admin/admin-ajax.php
IP
104.26.12.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://romsfun.com/download/mario-party-3-9593/1
Certificate
IssuerGoogle Trust Services
Subjectromsfun.com
Fingerprint91:BE:41:11:4E:EF:03:DC:F3:6A:0E:C0:E0:B3:0D:AE:DE:E1:41:C5
ValidityWed, 19 Jun 2024 04:43:00 GMT - Tue, 17 Sep 2024 04:42:59 GMT

File type
ASCII text, with very long lines (1184), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
f6a527d2bd35bce41ff8de44fe4b34d1
b3105f93dc48b3aae60e8d76b75b5dee006bd569
19e3993c7736f38172110e0266b1db690eaed164737144dfd7a746f27b5a9c42

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: romsfun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Origin: https://romsfun.com
DNT: 1
Connection: keep-alive
Referer: https://romsfun.com/download/mario-party-3-9593/1
Cookie: _ga_CXR95QZ9B0=GS1.1.1721515029.1.0.1721515029.0.0.0; _ga=GA1.1.776296097.1721515029; cf_clearance=38UXAEhaKmpT6PrOtFe7Wu91Fh7pVlorGy9Bfsgk9Ig-1721515029-1.0.1.1-7vt3x9JBj67O3ZWGVKRz6NM8XASvNhmMLx7Bcpf8GllO1CQ9GhmtZ.z1QBgCu.6V_csxWmhokJHjzFcxGeBaXA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 20 Jul 2024 22:37:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://romsfun.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xO3VTh9XmYO5MSXFLRFSskGVQoqMCbhO5oE%2Ff1ykBSOGKcBrmqwAz1uacqfAmZtUbgB%2FsvarO%2F68PSlYmuvPXkbITRXQAt1pv9xd6LbImLOl8wkjQFJoMlvghHk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a666f2619700afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash