Report - s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z

Report Overview

Submitted URL
s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z
IP
104.26.7.60
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-29 14:58:54
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s3.romsfast.com	unknown	2022-10-31T12:13:06Z	2023-03-13T02:58:24Z	4.5 kB	98 kB	172.67.71.93
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	142.250.74.131
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.33.119.27
romspure.cc	221922	2021-09-01T18:06:50Z	2023-03-13T06:04:18Z	5.3 kB	54 kB	172.67.68.35
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	519 B	4.9 kB	142.250.74.130
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	50 kB	34.120.237.76
fundingchoicesmessages.google.com	2397	2019-01-16T16:59:52Z	2023-03-13T05:10:12Z	396 B	44 kB	142.250.74.142
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	192 kB	142.250.74.67
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	95.101.11.115
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.83.202.51
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	884 B	52 kB	142.250.74.162
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	725 B	63 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-29 14:58:51	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-29 14:58:51	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2	125 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2 IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash eb746d5d0ff61fe5835113bc10146aaa 03e066cfd9c30411bb2080e0de7860296f6b3de5 5aafb6bd221bd5c0d2fd6c2c131dff66daa74c22f85add25ac538cc9cec5e172 Loading...

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7912d3dfce6bb4ed	49 kB	2023-03-13	2023-03-13
Pretty URL s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7912d3dfce6bb4ed IP 172.67.71.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash b24ea22990296cb33ddef645c7f38333 b8c880bdc0180bec81ee61d4ef2884602f5fa68e ce9629cbefdaf66c3415eca2e4f6a47417dfb9c70c84497d78e69ebc463c1cbd Loading...

	s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z	17 B	2023-03-07	2023-04-05
Pretty URL s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z IP 172.67.71.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	romspure.cc/	57 B	2023-03-07	2024-04-19
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-19 13:22:26 Times Seen10829 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	romspure.cc/	468 B	2023-03-09	2023-08-06
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:26:50 Last Seen2023-08-06 14:57:05 Times Seen366 Hash 620e4c7586c536809d38e14d688c570b 16d54b13c376505e2493e69a7d09f3c81601e359 efd4f9b659c67da097238c7be75d5596edf767dba09af992ecd48259eaec4674 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784	151 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash dad127f23a5f47746f158871bd8e2365 55f9be5f98365ce4a49b607a693af9af32949f63 d3e19fd96683cc42508aa6c125530927e0c326293e2740c5db40ec8c788ea7a7 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html	9.7 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 5ba05061c66d3e3a39f0573557899b0d f31c916b0c5ba50856c2d505c6a07ac2e3703dea 821afaa0abe5e4fb2292f52492b24ad0e290f7c43766602293856e911b5d1499 Loading...

	romspure.cc/	102 B	2023-03-09	2024-04-07
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:26:50 Last Seen2024-04-07 22:18:26 Times Seen880 Hash b79d3cc4dacaefe2a065e15bd9cf1ed2 f8cabaddf5b1cf655185ddae677118358579ca79 9691fbcc386acebd80bb7222bf8d948096e589cc770f197fb09249a1a1c22394 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 05:56:23 Times Seen36969745 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	http:blank	580 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash 2afbbb5d8db856fb54dd2921efa4e75c 70aacf5d161c54aaa25f76cf8406d83048b04622 e8fdabb42ff3cc6265dc6f57c549d1600dace40f3e05e4a8872406694432daa1 Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6379699571015222&plah=romspure.cc&bust=31071811	370 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6379699571015222&plah=romspure.cc&bust=31071811 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash d4533b00abf2d3c4b7a6f68e8cfe10ee 5de1442141911b3a5d63a40e6a458d6bb2a4fe85 3bb4c5a7d76b0b40655469b9db591078fa94bd5190af63d6d212804ea1c21630 Loading...

	s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z	3.2 kB	2023-03-13	2023-03-13
Pretty URL s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z IP 172.67.71.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash 337c259a4cdd27757808ac5c90a6448d 0d163389cb27323cbcde8a5c87d89dcac5053029 33ed932f44e4515efc9ad4cecd3e9d5f019bed294665d56188aebf773e29c246 Loading...

	romspure.cc/	476 B	2023-03-07	2024-04-20
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-20 04:38:23 Times Seen15689 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	romspure.cc/	8.7 kB	2023-03-07	2024-04-18
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-04-18 22:13:35 Times Seen1108 Hash cd9680743225d3fd4c1b85a731dd2ec8 32741541072b130bfa55f22a4e738c5f0338f54e cdd6551cd2b3236957745d4eae454072cd51cea1fb31885069a31a34fe6c3735 Loading...

	romspure.cc/	1.4 kB	2023-03-13	2023-03-13
Pretty URL romspure.cc/ IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash e206319d0dd37069823852f2a628164d 49fc2a3063b6ef90894264c3993719fb8e43509a e95852fe8d6c0a57ad00315774032adfc433375afc1dd972b45ec042366cdf98 Loading...

	fundingchoicesmessages.google.com/f/AGSKWxXOhGN5BzZawUn8tO8EshcYVxY28Tfw2jqfaF6X773Q9IKdR07N2SeFgnn8fW65-elnWJI62vileOBiKyRUJeo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MDA0MzM0LDYwMDAwMDAwXSwiQjU5OEIwNDgtQ0FCNS00NTI5LUFERUYtMjgzNjQ0NjgzQzVBIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yb21zcHVyZS5jYy8iLG51bGwsW1s4LCJCeUI1WURzdmlZWSJdLFs5LCJlbi1VUyJdXV0	436 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxXOhGN5BzZawUn8tO8EshcYVxY28Tfw2jqfaF6X773Q9IKdR07N2SeFgnn8fW65-elnWJI62vileOBiKyRUJeo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MDA0MzM0LDYwMDAwMDAwXSwiQjU5OEIwNDgtQ0FCNS00NTI5LUFERUYtMjgzNjQ0NjgzQzVBIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yb21zcHVyZS5jYy8iLG51bGwsW1s4LCJCeUI1WURzdmlZWSJdLFs5LCJlbi1VUyJdXV0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash b143d6ea8dd8a69c98e0814b251e9a67 66793f2a3fe9aeb91df3236f32cb106115254af7 af6f30b8b98cc3ded1f5a3aa9cb1b6a2b453b238d152a2c52d273786ab3b8a4a Loading...

	romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 172.67.68.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen31782 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 437266f0cf7a0e59f091af47377746c2	537 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:18:36 Last Seen2023-03-13 11:18:36 Times Seen1 Hash 437266f0cf7a0e59f091af47377746c2 bac3c5f04640001c01031748906cd697fbb2e2d2 936566bf8ef4fdd29931850f3d444a15a8acb7ea6a0320c42d39c1011a01d95c Loading...

	#2 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (62)

	URL	IP	Response	Size
	s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z	172.67.71.93	503 Service Temporarily Unavailable	7.2 kB
URL HTTP/1.1 s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836) Size 7.2 kB (7223 bytes) Hash 6845e459ec6268417065c6a16f660ccb 58b8671283819876fa91256ef84fdb399225ff21 1b7f666c0c0918d01d6d978944b41c741200118739b2919eb6e1e46340f83e58 HTTP Headers `GET /PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 503 Service Temporarily Unavailable Date: Sun, 29 Jan 2023 14:58:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Referrer-Policy: same-origin X-Frame-Options: SAMEORIGIN Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XICfKjuXZqdyVOv8cyW9Pf0Jx00SPBDjNtDY0AtesKgSx2QIeDsD874owC0%2B3m0u3baPJfurgqjljMLUCy75iTGI9sQ0rDgXWUVmZZ7f1AAskSZfaTy3EOF2gAN4ydoxSQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7912d3dfce6bb4ed-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81dd5c5cc5b3278876cb44dcb520a60f c0511a59e9eccdcdda98717b87c89c5d59974808 41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3362 Expires: Sun, 29 Jan 2023 15:54:45 GMT Date: Sun, 29 Jan 2023 14:58:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17728 Expires: Sun, 29 Jan 2023 19:54:11 GMT Date: Sun, 29 Jan 2023 14:58:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 03092d1a1bc7ac91ee342a1a7ab2a562 52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a 03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4311 Expires: Sun, 29 Jan 2023 16:10:35 GMT Date: Sun, 29 Jan 2023 14:58:44 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 29 Jan 2023 14:43:08 GMT content-type: application/json age: 936 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: JbrREEAYBxMZu0zN0yApErkecdQt8jqBZcjFGPp4WH9X5LhC9DOxuKtA+cH1PaGucrXc8zY8ypk= x-amz-request-id: 6DWCWYW0FBSCRH1T content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 29 Jan 2023 14:50:21 GMT age: 503 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	s3.romsfast.com/cdn-cgi/styles/challenges.css	172.67.71.93	200 OK	2.6 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/styles/challenges.css IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (6190), with no line terminators Size 2.6 kB (2585 bytes) Hash 0cfcef358de34ee519bc7aee694f3963 ee32fa87d15414efca97a881c99a2172d728ea77 1b82a0dbaae19093a91691e510ea2606a8476ed60a5f3a63794dcbc1fc0d2789 HTTP Headers `GET /cdn-cgi/styles/challenges.css HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Connection: keep-alive` `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Mon, 23 Jan 2023 11:05:33 GMT ETag: W/"63ce69fd-182e" Server: cloudflare CF-RAY: 7912d3e17e66b4fa-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Sun, 29 Jan 2023 16:58:44 GMT Cache-Control: max-age=7200, public Content-Encoding: gzip`

	s3.romsfast.com/favicon.ico	172.67.71.93	302 Found	0 B
URL HTTP/1.1 s3.romsfast.com/favicon.ico IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Connection: keep-alive` HTTP/1.1 302 Found Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Length: 0 Connection: keep-alive Location: https://romspure.cc Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mjhTU%2FBf7%2BVv%2FNHGdbfSvGbZCV25GmtF2wkHaP%2Bplg1XQfJBDNzXyYYJimZ%2BYTi%2BWVnzgAD2CUGOCMuOtiRjw%2Fug2JmakkzRoCMx%2BMhCqHGp0JIYe5G4AQqz4YVQ7T5Ug%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7912d3e17f2c1bfe-OSL alt-svc: h2=":443"; ma=60

	s3.romsfast.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7912d3dfce6bb4ed	172.67.71.93	200 OK	42 B
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7912d3dfce6bb4ed IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7912d3dfce6bb4ed HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Connection: keep-alive` `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Type: image/gif Content-Length: 42 Connection: keep-alive Last-Modified: Mon, 23 Jan 2023 11:05:33 GMT ETag: "63ce69fd-2a" Server: cloudflare CF-RAY: 7912d3e21828b4fa-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Sun, 29 Jan 2023 16:58:44 GMT Cache-Control: max-age=7200, public Accept-Ranges: bytes`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7912d3dfce6bb4ed	172.67.71.93	200 OK	22 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7912d3dfce6bb4ed IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (49329), with no line terminators Size 22 kB (21924 bytes) Hash 8c0e61767d821fb655bab8926d8d248e d21c79ca109494aa346f6dbbcf61550886ec29cd 4aea546137dcbf291c06f02f8d8389aabdf9ce360f591b809f1aca8399a90e3a HTTP Headers `GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7912d3dfce6bb4ed HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z?__cf_chl_rt_tk=Kz4HfDFNlQPIgHhgkGnqoBHPIIUbYm4.F.DJgAjF5ic-1675004323-0-gaNycGzNAxE Connection: keep-alive` HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=0, must-revalidate Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKL0GXgyu2vuM99WUPdZDdMCut3dAQYUhgT33p4WGxwvmDMPd3NiqKTnsnPxA5zsok2440Ue2o4i1dlzMpb%2FZwLspBG64TqeINGWwZkdymQzQKiIas%2FS75L%2FIe3hRJKldQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7912d3e21fcc1bfe-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 29 Jan 2023 14:58:44 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	e1.o.lencr.org/	23.33.119.27	200 OK	344 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash c6f896f6c07e30efa6529a8ca5a4dd31 0973351aa4b888b52caf18301e8150b5a67150b3 97cc74e533784b81f58554e59eb2042546343f72ec83af18f5cd43ec39ce193e HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "97CC74E533784B81F58554E59EB2042546343F72EC83AF18F5CD43EC39CE193E" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3648 Expires: Sun, 29 Jan 2023 15:59:32 GMT Date: Sun, 29 Jan 2023 14:58:44 GMT Connection: keep-alive`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7	172.67.71.93	200 OK	58 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7 IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 58 kB (58114 bytes) Hash f145462457b73aeb1c3d5ce79d54af1e 78817c9776b3c18aeeaa125950a9b906a58d6137 598e6c9dc06aa8a411dcf87f8af09e04471b6400284a444324313ab4cc6e878e HTTP Headers POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Content-type: application/x-www-form-urlencoded CF-Challenge: c334587b29d68c7 Content-Length: 1840 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=c334587b29d68c7 HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cf_chl_gen: QY+31R0A829WPPBFF9X20QGN3411EDOZhIzhJC+ABXEu4Vf9EAAYA+9hh+5dRH/R+JBdxhtrcKYcKPU/F3rEWFQr+OF/JNVjjSRfro6BK2LFHJrH4ln8Xi/L4mWQT8vIlXwgl8WDH1KURUtkI6wzQ4RNSESmdF0c0kt5XJLxWsf8Nicx0IGNLnc6s2YZz/sLyH54PyQ0XI2zFvURd0S4ZeGc105dIXAfXQ5BFwBhPBAd+s3FDGYfxfQIFx0rcycnpfoBvM5TABJp+SauJP/spl2owRpWWpbZjc0mTDEtK5s=$jYziHXuJ2mDOBzof646BXw== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaRY3UREzWyzik%2BntKFlZEV%2FqbG7Hcvm225F4GbH9nnCxrt0ows4dCM9u%2FzYymfYjD%2BISvK6BxzfBD%2BHvoN%2F1NagaAFr5hDNhmFbtqL3BaBR%2BcjeV8oMg6n%2FqFEAwlSNDQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7912d3e399971bfe-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 29 Jan 2023 14:49:04 GMT age: 580 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18547 Expires: Sun, 29 Jan 2023 20:07:51 GMT Date: Sun, 29 Jan 2023 14:58:44 GMT Connection: keep-alive`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/img/7912d3dfce6bb4ed/1675004324422/Qzu7ZzQZaylsmIT	172.67.71.93	200 OK	61 B
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/img/7912d3dfce6bb4ed/1675004324422/Qzu7ZzQZaylsmIT IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type PNG image data, 66 x 61, 8-bit/color RGB, non-interlaced\012- data Size 61 B (61 bytes) Hash 94ac296936865b2eac7c7af455d7cbdd b9febdf0f816da7fbb4649ccdc81da6784ca2e19 0058f76f8ae34f6ebf92f48c3fc3a32ea93df072ba2368b6c92be23534e629c7 HTTP Headers `GET /cdn-cgi/challenge-platform/h/g/img/7912d3dfce6bb4ed/1675004324422/Qzu7ZzQZaylsmIT HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Connection: keep-alive Cookie: cf_chl_2=c334587b29d68c7` HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:44 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bv%2BT5OpmsVKMfEuDP4Df%2Bpy9NgUWU1XAOUnx27bAzQL6%2BFs60Rvebmkv2NujHHSVi8pTJlvQowM6kDGWYeIIy39pz5Mhi%2B88FN37ywCYdD3GdfvvjMMUDT9Gw7KBt1oYQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7912d3e70d251bfe-OSL alt-svc: h2=":443"; ma=60

	push.services.mozilla.com/	35.83.202.51	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.83.202.51:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: YMoXZaWBHwnMRwgTbp+zfA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: O1sPNvWyPXQJadLxCfkFt199Qhs=`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7	172.67.71.93	200 OK	1.8 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7 IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (2264), with no line terminators Size 1.8 kB (1751 bytes) Hash 3d0e9903877aa7c041f19e885807ab06 c093d7e73d17b0706463ebdbec804b6d5434f63f 69d37d95cae7b9644dba715b7ffc102f90b6535d9628e8fe453e0ea65569e4ad HTTP Headers POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.476319510622075:1675001865:WTGOhxpg-Vdr9ffzGvZ9woPASoqzRuKvVwTP-6aKrDE/7912d3dfce6bb4ed/c334587b29d68c7 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z Content-type: application/x-www-form-urlencoded CF-Challenge: c334587b29d68c7 Content-Length: 15494 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=c334587b29d68c7 HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 14:58:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive set-cookie: cf_chl_rc_ni=;Expires=Sat, 28 Jan 2023 14:58:45 GMT;SameSite=Strict cf_chl_out: 9yGckhW+VmOwRrTzHguUpfoU/31ENKlu1uF+lmr4cnZwudGuH77tWNACl6KMGFt1H6PvsSKPD+QRD2LFBeV/gQ==$LS+1NUmzCljsSi6OFhEI5A== cf_chl_out_s: zs0ybpQuwlq0owHLa7aY8xLYBSBLiPoH3C1HgT5rIU3RNIEoZ1Bj+EAzdSotd/bPwZJbRO4V7OGpQWQdJf5VYHyn5wCb/cPaCBu/EEGtqsghjGQQfhhN/N6DewRYIUil1cYMVANIzquhniKHyACT5w==$4svbBNkq7zausyBU8Umalw== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtJZlPeouiubSMMojyY5A9ukwTa%2BsToxsjO3iKYRo3aNAMBBvc%2Fe6JxsY3vzBLpurKlJfkYfdiXnxlgochYjEq%2BkDnffIX5tETBHRyx%2Bigz74Xlg0Ny%2FHBp%2FrYnhCsPW%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7912d3e8ceff1bfe-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z	172.67.71.93	302 Found	0 B
URL HTTP/1.1 s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z IP 172.67.71.93:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/PS2-EU/Resident%20Evil%204%20(Europe)%20(EnFrDeEsIt).7z?__cf_chl_tk=Kz4HfDFNlQPIgHhgkGnqoBHPIIUbYm4.F.DJgAjF5ic-1675004323-0-gaNycGzNAxE Content-Type: application/x-www-form-urlencoded Content-Length: 1575 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=c334587b29d68c7 Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Found Date: Sun, 29 Jan 2023 14:58:45 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: cf_chl_2=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.romsfast.com cf_clearance=pFuS8DkY.TiwBkCevj7kGus51PcjUy5ew01QVuY3u1Y-1675004325-0-150; path=/; expires=Mon, 29-Jan-24 14:58:45 GMT; domain=.romsfast.com; HttpOnly Location: https://romspure.cc Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em%2Bx5CN%2FPLCYtk4NCwaS9e%2FvsTADr1O%2F86A9Y6lhJEI%2FSmv7YkFZBwIl4%2FbeY76QEXQtuvbeVvpXJn6QO2Tv5AisyY7SFvMM38veSge%2FsDYunwo3MObGgm%2FlszHpPPiEIA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7912d3e95fdc1bfe-OSL alt-svc: h2=":443"; ma=60

	e1.o.lencr.org/	23.33.119.27	200 OK	344 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash c6f896f6c07e30efa6529a8ca5a4dd31 0973351aa4b888b52caf18301e8150b5a67150b3 97cc74e533784b81f58554e59eb2042546343f72ec83af18f5cd43ec39ce193e HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "97CC74E533784B81F58554E59EB2042546343F72EC83AF18F5CD43EC39CE193E" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3647 Expires: Sun, 29 Jan 2023 15:59:32 GMT Date: Sun, 29 Jan 2023 14:58:45 GMT Connection: keep-alive`

	romspure.cc/wp-content/uploads/2020/05/bg-search.png	172.67.68.35	200 OK	24 kB
URL HTTP/2 romspure.cc/wp-content/uploads/2020/05/bg-search.png IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type PNG image data, 1920 x 500, 8-bit colormap, non-interlaced\012- data Size 24 kB (24210 bytes) Hash 4afc52d0f0ef0723532ad66629522c81 cabdf5838f750ef8a22e910cdf1c4439f44f2810 3ad6d7e37cd007e5585b621a2f2f4e3d6a7724349233a296a338a2f62ff750df HTTP Headers `GET /wp-content/uploads/2020/05/bg-search.png HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: image/png content-length: 24210 last-modified: Fri, 29 Oct 2021 22:52:29 GMT etag: "617c7b2d-5e92" expires: Sat, 18 Feb 2023 08:22:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 887779 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpPEOvVqZxfmSkSwx40vqzw9fggKkmGNCMZpPtFc8v5x1NG79%2Fdq%2Br9X0GxUVNO%2BNZMSROC%2FMr8rZ9Mq%2FeHrEw2L8COiI4%2B5%2BvP0gUQ2v5tjxTJK1dValZaeoNt4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7912d3eb1c871c0e-OSL X-Firefox-Spdy: h2

	romspure.cc/wp-content/uploads/2020/05/favicon.png	172.67.68.35	200 OK	3.9 kB
URL HTTP/2 romspure.cc/wp-content/uploads/2020/05/favicon.png IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type PNG image data, 295 x 298, 8-bit colormap, non-interlaced\012- data Size 3.9 kB (3898 bytes) Hash 9ba1d6e401ea67f50c0df60c9a95d072 10981b4e96171dc3247f27f3775284c80d1732b6 bf0fe0ec9030927348bcc19850c383f5346260892025ee66c76c98a1ab234336 HTTP Headers `GET /wp-content/uploads/2020/05/favicon.png HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: image/png content-length: 3898 last-modified: Fri, 29 Oct 2021 23:18:00 GMT etag: "617c8128-f3a" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130585 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Rb3%2Bk6k9YFp7jQYuud3zt0d1b8ApREt6ufRXOFZx3Ucx4q4B8oeuyXmaKtRTzo%2F%2B8kbC19rOXgockgpsQpBjo9NLHdF63keLFKV2BOmGdi70IpvHpCJYUkaDThY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7912d3eb5cb91c0e-OSL X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674993600	172.67.68.35	200 OK	16 kB
URL HTTP/2 romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674993600 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (39755), with no line terminators Size 16 kB (16182 bytes) Hash 8bf0a6e68f521e46fcbe1e4ae2485126 de7d509c621a3da8018d358a80aecba78477647f d4a6ee9ed9787d00d2465c9850b4e03871794fcf1d76c51ee3dec3c7d49f70af HTTP Headers `GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674993600 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, public vary: accept-encoding x-control-type-options: nosniff report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HrxcAiJDu4ldO3qh%2BN7qfk2Ra9bNDLzsp4UnaU%2BDMjOLVCj%2F69QVMHzBEGCEZFxhdMjJwzfTJAx9fb5X34Jq7OygvMgQBuQba4prAlC7R%2BOlCCWRlgKnAcruHm%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3eb5cc11c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222	142.250.74.162	200 OK	50 kB
URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222 IP 142.250.74.162:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (4879) Size 50 kB (50213 bytes) Hash 89a03dc3b8dec439a0a1eaf6a4b4b7b0 840c6129d3c5c524c374445d20cc46fcd3455d4c 4d59a0d22cc5c2fb7cba008b64c895b24308895a823cca2b554376954822808b HTTP Headers `GET /pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222 HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://romspure.cc Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Sun, 29 Jan 2023 14:58:45 GMT expires: Sun, 29 Jan 2023 14:58:45 GMT cache-control: private, max-age=3600 content-type: text/javascript; charset=UTF-8 etag: 17138821633261982989 access-control-allow-origin: * x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 50213 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784	142.250.74.162	200 OK	472 B
URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 IP 142.250.74.162:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3 HTTP Headers `GET /pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://romspure.cc Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Sun, 29 Jan 2023 14:58:45 GMT expires: Sun, 29 Jan 2023 14:58:45 GMT cache-control: private, max-age=3600 content-type: text/javascript; charset=UTF-8 etag: 9506223836458260071 access-control-allow-origin: * x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 49883 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html	142.250.74.130	200 OK	4.2 kB
URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html IP 142.250.74.130:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579) Size 4.2 kB (4242 bytes) Hash 2fb3574102373e2e076cfa2ff90cdf25 d06c985183def975546d6e47ab6369c11dcf7195 e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345 HTTP Headers GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding x-content-type-options: nosniff content-encoding: br server: cafe content-length: 4242 x-xss-protection: 0 date: Sun, 29 Jan 2023 12:06:26 GMT expires: Sun, 12 Feb 2023 12:06:26 GMT cache-control: public, max-age=1209600 age: 10339 etag: 10353107486223812946 content-type: text/html; charset=UTF-8 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4417 Expires: Sun, 29 Jan 2023 16:12:23 GMT Date: Sun, 29 Jan 2023 14:58:46 GMT Connection: keep-alive`

	fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2	142.250.74.142	200 OK	43 kB
URL HTTP/2 fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2 IP 142.250.74.142:0 ASN #15169 GOOGLE File type data Size 43 kB (42677 bytes) Hash 85e65ef6e25d33887818054367291028 5381aa998ab4ab79c23a5f6be5e05122118eb919 74c848a153698f06377de51eae9348821796194192eb0be7eb9395a235c344f3 HTTP Headers `GET /i/ca-pub-6379699571015222?ers=2 HTTP/1.1 Host: fundingchoicesmessages.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 29 Jan 2023 14:58:46 GMT content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-jGiezXVzGe9dnSyT66trWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy: cross-origin permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy: same-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4417 Expires: Sun, 29 Jan 2023 16:12:23 GMT Date: Sun, 29 Jan 2023 14:58:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4417 Expires: Sun, 29 Jan 2023 16:12:23 GMT Date: Sun, 29 Jan 2023 14:58:46 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5594 bytes) Hash 4c77437e3a7361861aed8bfecbfe6bd6 fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5594 x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fLyeEGOloAMFpzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0 x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 05:26:16 GMT age: 34350 etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8652 bytes) Hash 43c4a8e963936a8064dbd2bd3c67b905 8508727c97127c98b886833af28b3470306216c2 070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8652 x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVguyG7BIAMFm8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:11:24 GMT age: 56842 etag: "8508727c97127c98b886833af28b3470306216c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9167 bytes) Hash 3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9167 x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPF9YEBmIAMF0kQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 17:35:56 GMT age: 76970 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 05:24:09 GMT etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg age: 34477 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11470 bytes) Hash 10a6491e2c1dfde68c7cd7297e70700f d0f195319825a6d3e5e50ad15b2fcab27cb65896 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11470 x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIf6WFgAIAMF6gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 23:12:28 GMT age: 56778 etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg	34.120.237.76	200 OK	3.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.8 kB (3774 bytes) Hash 97118e74a8f60620950e42a11c11d71b d144bbb82392a6103810ac9baa5346ddbefb5c16 2ce0c9696cf9842243186e86bae28c22896a9f51837f4961b6c7e3cfdfb24bd0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3774 x-amzn-requestid: deae2f1e-baec-408c-92a7-4859d4afed47 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-EgFAgoAMFXRQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443b6-32a2ff1a369e7b5f41ecbabd;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:50 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: VA7MkuSOzdsSIBVjT8kx3Azf1hvLzVrLOoxXrknN-J5p1BUqVvVz0w== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 22:05:07 GMT age: 60819 etag: "d144bbb82392a6103810ac9baa5346ddbefb5c16" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap	142.250.74.106	200 OK	62 kB
URL HTTP/2 fonts.googleapis.com/css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap IP 142.250.74.106:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (6754) Size 62 kB (62303 bytes) Hash 06e938aabc949972ad0ed33a528654b5 09b0e2f717e8cb8ceb5bab1cc4dc1a3dbbcb23ee 32c468deca3e0597cae9416646248c5c8db69cce8ee080d360eb7d0e5640123d HTTP Headers GET /css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 29 Jan 2023 14:58:46 GMT date: Sun, 29 Jan 2023 14:58:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash db3290a85d0ba4da27406ae9636aa618 4c69da45eddd66a1e26fce5562fc45eda7005309 19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.67	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size 16 kB (15744 bytes) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 25 Jan 2023 19:33:54 GMT expires: Thu, 25 Jan 2024 19:33:54 GMT cache-control: public, max-age=31536000 age: 329092 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash db3290a85d0ba4da27406ae9636aa618 4c69da45eddd66a1e26fce5562fc45eda7005309 19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2	142.250.74.67	200 OK	128 kB
URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data Size 128 kB (128352 bytes) Hash 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 HTTP Headers `GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 128352 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 12:51:13 GMT expires: Sat, 27 Jan 2024 12:51:13 GMT cache-control: public, max-age=31536000 last-modified: Thu, 25 Aug 2022 00:26:06 GMT content-type: font/woff2 age: 180453 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.67	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 23 Jan 2023 18:52:41 GMT expires: Tue, 23 Jan 2024 18:52:41 GMT cache-control: public, max-age=31536000 age: 504365 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 14:58:52 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	romspure.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: text/css last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-172a9" expires: Wed, 15 Feb 2023 12:55:39 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130585 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7e%2F1oECAyOXsPgUVutCYp%2FVAtVjk%2BBSwi9OfD7yCXjO2RoslLBtQGzdnEZEWNW3fNNKFFrF2o8hlKrsUCB21RMsR8y5aeL9H6zXlO26sonW1kAStK5YYdyxeXO2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3eabc1d1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/style.css?ver=2.4	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/style.css?ver=2.4 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/style.css?ver=2.4 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: text/css cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-bgj: minify cf-polished: origSize=15069 etag: W/"63a880e4-3add" expires: Thu, 23 Feb 2023 17:19:43 GMT last-modified: Sun, 25 Dec 2022 16:57:08 GMT pragma: public vary: Accept-Encoding cf-cache-status: HIT age: 423542 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yode4Yt3nVmu9iQKJBZndJbYTJZUgpDfOWTqwT3w7UOvQzIpLYNlHpHQ0vHyn0wuS9hNeoq4zBbCEyI4LMJ63DuK6vN52s%2Fi19OfFsCA138wSRXVXqhLpMnxIXdf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3eabc241c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:52 GMT content-type: application/javascript last-modified: Sun, 20 Dec 2020 18:03:22 GMT vary: Accept-Encoding etag: W/"5fdf91ea-2bd8" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130592 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FJyOHJPy2ngsH2dhEf59fxfj%2B9FvRfbNYlDtS2cL3njZ%2FdKEz%2FPglTr9c3odoxfazvENgQqyHfibz38NQSfX0v9OgGX93RrFf6uhKNaoJQL1AyVo1SJ2LzFPTbI"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d417c8ea1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/js/bootstrap.min.js?ver=2	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/js/bootstrap.min.js?ver=2 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/js/bootstrap.min.js?ver=2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:52 GMT content-type: application/javascript last-modified: Sat, 09 May 2020 10:09:29 GMT vary: Accept-Encoding etag: W/"5eb68159-17992" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130592 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf%2BqejgR1kVGo%2BuaHnHKgb7OMtXreFDgbAByR9G68tGFwQlF43pSvqeiJmeVuHrBt466AQ1l8zvW9vNmsOgGvdDa%2FlNMizJrolsXh7efOnPC4YGlXKRCe5%2Fq2tGL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d417c8eb1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/ IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:44 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding last-modified: Sun, 29 Jan 2023 01:54:37 GMT x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLUU1zlW1W4XyjJU6uy56dKy2z9DCwhDU78nlpR5cCnPVKdYjiDwXuV%2FW5OdB6hxWNIxsGDGNzfhz6Iud8eOCNdv4mOjd5%2BZg0id2%2BlBrIiVCVFFxFmUWKUjjoBo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3e35c490b49-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-includes/css/classic-themes.min.css?ver=1	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/css/classic-themes.min.css?ver=1 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: text/css last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-d9" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130585 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T16ENZVhCmcFZoHJzJ9SzR4pBarsg0oq2SmE2FuhlbIu%2FCw04qKPY0e95xBiJRsh8NyB90K8v3NBmmh0uBAn9ss1FMRQ53hiX4VP%2BJ0JOetdlo8JTJFIHqp%2BsMRK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3eabc1e1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:52 GMT content-type: application/javascript last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-15e54" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1130592 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkYL9uYiDHUtMMeWYkFfXDxC4Zz7Zkn9RYutAFUc6Vx9Cln0rldSb768JFcC%2BYF6qu13T9nf7%2FR71GLSqUPdbTEok8psI0hd%2FhxUc2HeSyPvrro45Zze2CFfX4ee"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d417b8ce1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/js/site.js?ver=2.3	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/js/site.js?ver=2.3 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/js/site.js?ver=2.3 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:52 GMT content-type: application/javascript cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-bgj: minify cf-polished: origSize=7457 etag: W/"63a1d772-1d21" expires: Sat, 18 Feb 2023 04:47:44 GMT last-modified: Tue, 20 Dec 2022 15:40:34 GMT pragma: public vary: Accept-Encoding cf-cache-status: HIT age: 900668 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDs2AZ%2BSXXTTNEM4SYJOJDIrLp5dVLSDM3mUklBD5xkwRm8Fp3UC8WtTDCY6IyYwMjlpFK7X9adn5o1pwLdqP%2B0I75uVa5mdXy%2BOQrCXojLUzuZ8ZNH38C%2BJfSaa"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d417c8ed1c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/ IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding last-modified: Sun, 29 Jan 2023 01:54:37 GMT x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaTKSgQQEl8RnH8mKLvpPuFDktAXnwodxiiY8K%2FQ4K2FpnX2JjVyf%2Fk5BXmnnF22ZnQQtj22zlNbUYzwz%2BKFMQbIQWxmjJnIYha%2F8UNj8mb8RAkJjIhrKZa8pK7I"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3e99b351c0e-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/css/bootstrap.min.css?ver=2	172.67.68.35	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/css/bootstrap.min.css?ver=2 IP 172.67.68.35:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/css/bootstrap.min.css?ver=2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 29 Jan 2023 14:58:45 GMT content-type: text/css last-modified: Sat, 29 Feb 2020 16:58:31 GMT vary: Accept-Encoding etag: W/"5e5a9837-26326" expires: Sat, 18 Feb 2023 05:28:49 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 898196 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMK2kq82dFtXlyCOMbADvrr1%2FRF2kQx%2F9zlrdzJQ24%2F3dXBRI7CRBelodYLW%2Fvcydk%2BDM9KCnks99Fo6652i53xR161put%2FLL8F2ksk4yU320f0vhQZyIyzxL1rL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7912d3eabc211c0e-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML