Report - s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0

Report Overview

Submitted URL
s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0
IP
172.67.71.93
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-31 17:36:36
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	192 kB	142.250.74.163
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.13.249.229
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	67 kB	34.120.237.76
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	519 B	4.9 kB	216.58.207.226
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
fundingchoicesmessages.google.com	2397	2019-01-16T16:59:52Z	2023-03-13T05:10:12Z	1.1 kB	49 kB	216.58.211.14
s3.romsfast.com	unknown	2022-10-31T12:13:06Z	2023-03-13T02:58:24Z	4.9 kB	107 kB	104.26.6.60
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	142.250.74.131
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	442 B	51 kB	142.250.74.162
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
romspure.cc	221922	2021-09-01T18:06:50Z	2023-03-13T06:04:18Z	4.5 kB	132 kB	104.26.4.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 17:36:43	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-31 17:36:43	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	romspure.cc/	8.7 kB	2023-03-07	2024-04-21
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-04-21 01:59:06 Times Seen1110 Hash cd9680743225d3fd4c1b85a731dd2ec8 32741541072b130bfa55f22a4e738c5f0338f54e cdd6551cd2b3236957745d4eae454072cd51cea1fb31885069a31a34fe6c3735 Loading...

	romspure.cc/	468 B	2023-03-09	2023-08-06
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:26:50 Last Seen2023-08-06 14:57:05 Times Seen366 Hash 620e4c7586c536809d38e14d688c570b 16d54b13c376505e2493e69a7d09f3c81601e359 efd4f9b659c67da097238c7be75d5596edf767dba09af992ecd48259eaec4674 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222	155 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash d05981e3ddc0285beaaf61390ccf3ad0 369274ccbeb7d3bef066207dbfa54ee91ba384ad 7ba826836cfbf7f01df6b06ce5fded3f59a08371a084b611eb521d210cde3b1e Loading...

	s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0	17 B	2023-03-07	2023-04-05
Pretty URL s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 IP 104.26.6.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	romspure.cc/	57 B	2023-03-07	2024-04-27
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-27 02:43:14 Times Seen10863 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784	151 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 073f878f88ea3c939dd9a672f22562a3 c4a3ec25c11d8fbceb14b02ca9e17ef5d09f614e a111624df2a4460ca3c52c8248e83e0071616e5592adbf31ec9493d03c3dfee4 Loading...

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7924359fabf0b4ed	51 kB	2023-03-13	2023-03-13
Pretty URL s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7924359fabf0b4ed IP 104.26.6.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 7033ce6e25c41da0496348a1f659d848 464b7b957c837025680a97346d15d4bdc23da381 4c60d2bc2044ca6f3634d3190a15c3f5b78e9891acddf3884c27053a4692972d Loading...

	romspure.cc/	476 B	2023-03-07	2024-04-26
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-26 16:08:08 Times Seen15715 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	http:blank	580 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 5289c2f5f025d4965a2acc9a50af5172 73bbf6c7182588df23ff80c50fcee9bf774f4602 37aaab6258f62e3abe381a11da184d7998b384097b26e81ff041728dad4dedc6 Loading...

	romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-27
Pretty URL romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-27 01:43:20 Times Seen31839 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0	3.2 kB	2023-03-13	2023-03-13
Pretty URL s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 IP 104.26.6.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash a7283e6603ba1ad8ab42d645d7d940c5 f067ee5989eb1f4685d7af53459e2fa58ca71bba af0101b1740890c64cdd81bd7b5c63120ca818aebe7e1b996753cefdc3d2534e Loading...

	romspure.cc/	102 B	2023-03-09	2024-04-25
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:26:50 Last Seen2024-04-25 05:56:37 Times Seen882 Hash b79d3cc4dacaefe2a065e15bd9cf1ed2 f8cabaddf5b1cf655185ddae677118358579ca79 9691fbcc386acebd80bb7222bf8d948096e589cc770f197fb09249a1a1c22394 Loading...

	romspure.cc/	1.4 kB	2023-03-13	2023-03-13
Pretty URL romspure.cc/ IP 104.26.4.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 5b280190505312aa66805935a3d7bd57 b28d466bdca23c5c2124f095862296b3038254e9 72e1314eedd65a61a04c304fea69ec550dabce549d9ae8b615f001c6c3f0df48 Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6379699571015222&plah=romspure.cc&bust=31071855	370 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6379699571015222&plah=romspure.cc&bust=31071855 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:27:42 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 7d267a40cc6a496d5b4890d0789fbeb1 99ddc56fb3349c48ed187a171c382e5e0b17cb58 693b5e8f28631cd8d7602078c8de36351f712b1bb711ea4b2fc2f0ac78355574 Loading...

	fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2	125 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 63e60af0426b6a8c81a1e50930792a58 85bff3739833b57f069df54332e1354b3cd854aa faef1be831d79d22f55b0e88f5df9760e65b38b9c19d4a613695d3db2a59cb55 Loading...

	fundingchoicesmessages.google.com/f/AGSKWxWJBENSOU-WfmCfVfS8qPG2__0U8Qh7mapj5N6tEdpd23u4Zt37_DTFBWTtvmWSSKnTocYaWWrJDD6Dohx8B7k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MTg2NjA4LDMzMDAwMDAwMF0sIjQ2NTFCRDNBLUM1MDYtNEZBRC1BOTQ2LTIxQzNGOUY1NzNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2MvIixudWxsLFtbOCwiUklMRTRrYThSMFEiXSxbOSwiZW4tVVMiXV1d	437 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxWJBENSOU-WfmCfVfS8qPG2__0U8Qh7mapj5N6tEdpd23u4Zt37_DTFBWTtvmWSSKnTocYaWWrJDD6Dohx8B7k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MTg2NjA4LDMzMDAwMDAwMF0sIjQ2NTFCRDNBLUM1MDYtNEZBRC1BOTQ2LTIxQzNGOUY1NzNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2MvIixudWxsLFtbOCwiUklMRTRrYThSMFEiXSxbOSwiZW4tVVMiXV1d IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 16a0df972b301b22cad704eccd0bf082 9a3072fa00536a43b8c40f6afcaa53054f5f0bca 5cf271d942fe5e847fe428e075b0e2d0fbbee81d770bf6d5e8ee3ab8ab425960 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5914507bf0247222d23188e71300e5cf	630 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:29:08 Last Seen2023-03-13 13:29:08 Times Seen1 Hash 5914507bf0247222d23188e71300e5cf f6d3bfd358c308f8d56e4dad2d4938fbbc0e3cab 314a4725af2a70ae6fe14e86e831ba0fdf2fc893095d8c7c2fccfb55e7f94999 Loading...

	#2 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#3 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (59)

	URL	IP	Response	Size
	s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0	104.26.6.60	503 Service Temporarily Unavailable	7.2 kB
URL HTTP/1.1 s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836) Size 7.2 kB (7180 bytes) Hash 913ab30e6fdd3b7ebe93ed04c154e13e 22776309f3b3eddc6563f2497fddd19a6623f76c 6af2addc54f5082eb91000ba30f3e5d3dc2f5bb8973bbfa8f4f6ca7903f4e594 HTTP Headers `GET /NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 503 Service Temporarily Unavailable Date: Tue, 31 Jan 2023 17:36:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Referrer-Policy: same-origin X-Frame-Options: SAMEORIGIN Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbsqqW22n5LBVnkdGwlQRv4%2B9rKgPSiShipl2JWZgJu96uGDUROFKcxkAD4NlLqtpfA%2Bd43%2FR9Yf4hBjZFPf6mXhpalpV%2Be%2B%2BRPFwlBmk%2FXR7knl74NjT7xoX4jNzVHIJg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7924359fabf0b4ed-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2195 Expires: Tue, 31 Jan 2023 18:13:00 GMT Date: Tue, 31 Jan 2023 17:36:25 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10489 Expires: Tue, 31 Jan 2023 20:31:14 GMT Date: Tue, 31 Jan 2023 17:36:25 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 31 Jan 2023 16:43:17 GMT content-type: application/json age: 3188 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2214 Expires: Tue, 31 Jan 2023 18:13:19 GMT Date: Tue, 31 Jan 2023 17:36:25 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: G1ZkLt9qLnOCPEt2BnpKPzgVcSP1mxoJnG9Tf6Rl5mxvVfO1GjpS8A20lqzIzU9xBd4T0J3g/qU= x-amz-request-id: DYHJ4AJ3WPZYDZAV content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 31 Jan 2023 16:51:14 GMT age: 2711 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	s3.romsfast.com/cdn-cgi/styles/challenges.css	104.26.6.60	200 OK	2.6 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/styles/challenges.css IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (6190), with no line terminators Size 2.6 kB (2585 bytes) Hash 0cfcef358de34ee519bc7aee694f3963 ee32fa87d15414efca97a881c99a2172d728ea77 1b82a0dbaae19093a91691e510ea2606a8476ed60a5f3a63794dcbc1fc0d2789 HTTP Headers `GET /cdn-cgi/styles/challenges.css HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Connection: keep-alive` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:25 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Mon, 23 Jan 2023 11:05:33 GMT ETag: W/"63ce69fd-182e" Server: cloudflare CF-RAY: 792435a15f65b4eb-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Tue, 31 Jan 2023 19:36:25 GMT Cache-Control: max-age=7200, public Content-Encoding: gzip`

	s3.romsfast.com/favicon.ico	104.26.6.60	302 Found	0 B
URL HTTP/1.1 s3.romsfast.com/favicon.ico IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Connection: keep-alive` HTTP/1.1 302 Found Date: Tue, 31 Jan 2023 17:36:25 GMT Content-Length: 0 Connection: keep-alive Location: https://romspure.cc Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAWDFwiGAPncWulNWtxwhPi2KqgoXrjYqP%2B%2FpWdPn807p1wG7LX2DJAEGxtyaSNv%2BM5GdNhnqIsn29xK%2BcChOzD7IfTBy0NJ9oKdzwn9LbmgFNUNpuYUW1QZfHNWQEBtfQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 792435a16d08b50b-OSL alt-svc: h2=":443"; ma=60

	s3.romsfast.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7924359fabf0b4ed	104.26.6.60	200 OK	42 B
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7924359fabf0b4ed IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7924359fabf0b4ed HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Connection: keep-alive` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:25 GMT Content-Type: image/gif Content-Length: 42 Connection: keep-alive Last-Modified: Mon, 23 Jan 2023 11:05:33 GMT ETag: "63ce69fd-2a" Server: cloudflare CF-RAY: 792435a1c82cb4eb-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Tue, 31 Jan 2023 19:36:25 GMT Cache-Control: max-age=7200, public Accept-Ranges: bytes`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7924359fabf0b4ed	104.26.6.60	200 OK	22 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7924359fabf0b4ed IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (50996), with no line terminators Size 22 kB (22439 bytes) Hash 40c820ea072d7508ef30f934fc1b3e7a aeb3c13cfc6d8c420f6d5a4a05f404ea14af60ad 1117b0e7599a9970f5041e2aa4d5db09e6e176b4425a515324c329aa2443e7b2 HTTP Headers `GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7924359fabf0b4ed HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_rt_tk=iyVllExyyj2qFeAIrfqcSuySHGFip5B0zFq19AvCLtI-1675186585-0-gaNycGzNAxE Connection: keep-alive` HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:25 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=0, must-revalidate Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0djTmLfg8Fa6XUUQT%2BwtG57XEMKRpnV5WP%2Fj%2FWwXuCCff%2B%2B%2FonLDCro7YhxRRnfgY6U%2BUV22pHHXikvMqUHWn4Tg8HPNzSNt4pF6tJMd7%2FFjDmqHujmvshfDILXNgD%2FgUw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 792435a1f890b4eb-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 17:36:25 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	e1.o.lencr.org/	23.36.76.226	200 OK	346 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 346 B (346 bytes) Hash f223a4bf597c543d2e746d28cc873b5d b24ebedb79047fe31376e540a4a974eb024024c3 0672ab587e4b33ab98a0d91087e757e535f46fbe4bcdb07ab169a5e9d4f31a0c HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 346 ETag: "0672AB587E4B33AB98A0D91087E757E535F46FBE4BCDB07AB169A5E9D4F31A0C" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=70 Expires: Tue, 31 Jan 2023 17:37:36 GMT Date: Tue, 31 Jan 2023 17:36:26 GMT Connection: keep-alive`

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1	104.26.6.60	200 OK	66 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1 IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 66 kB (66153 bytes) Hash 6d039b9d81af30dcb73e303b3019bc38 dbc7b00e6b0fab730469dab2a6fb66b3aff4f73f b94bd89e789cb409d9a030134421f9e0cff23c6b7855233dc9b368ff92975177 HTTP Headers POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Content-type: application/x-www-form-urlencoded CF-Challenge: 061905189baabe1 Content-Length: 1805 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=061905189baabe1 HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:26 GMT Content-Type: text/plain; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cf_chl_gen: dEGO/Qt1GMQaLfflWThcVyie8t2+j8TaXepKIOTX/GlKRzHaxaac2VPbI0ecYQ+B+/Dh0kvKW2/5V6leYSTWNXDgyNuxoT7OM9iOBTf/FUp01fh68sNvEh7/1AgDjLHcDOOzmnqPvrAk6/Bl9iMLCiFsZ/uNZGNdWPBfhYw46BAN0voyd0dXA2N4pUXJxRxxU262zfN/IWpHIARgRj6chg5p5bTLi7BsA/5TVli61XH9z5NqzrwWKuOoMA6mHKvfyf9XSCT+N5GhbuC/Afi22FYGlu4fAEIlUrWIc1qlGEeMRUzlJEnQcMf7m1+P3PmNVDRKPI3yAb9NqJm0WcAQFIyO8XVj+bDSmCtnk5yJTsTaeD+cboUsnMeOSHbanXBP$vvq+xH2a5M5rxUOa8FXzsQ== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGe6zCyDcJ%2FYw1dgslxuf91SkhvgDf3CZcDaiaANzKP1L8r3wlfWaPcWuaBUXhe2wpoY8%2FIEynPbwD53M2NJcRORUizNphBGtu%2ByPXpIRFkeZQj7ts7aF48%2BQy8bUOuQSg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 792435a35a8bb4eb-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 31 Jan 2023 16:41:42 GMT age: 3284 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6018 Expires: Tue, 31 Jan 2023 19:16:44 GMT Date: Tue, 31 Jan 2023 17:36:26 GMT Connection: keep-alive`

	push.services.mozilla.com/	52.13.249.229	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.13.249.229:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: SCAGGZYPJvHAIXX5t0W4pQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: sdnCYzRzVZe86gX8Gc4Mds3NxBM=`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3758 Expires: Tue, 31 Jan 2023 18:39:06 GMT Date: Tue, 31 Jan 2023 17:36:28 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3758 Expires: Tue, 31 Jan 2023 18:39:06 GMT Date: Tue, 31 Jan 2023 17:36:28 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3758 Expires: Tue, 31 Jan 2023 18:39:06 GMT Date: Tue, 31 Jan 2023 17:36:28 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9987 bytes) Hash 2c4934be94898028e2ab696561b51462 6cf734e2d29938688913daacfb75506d8e004a94 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9987 x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flYlPF9uIAMFXMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:58:16 GMT age: 56292 etag: "6cf734e2d29938688913daacfb75506d8e004a94" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6844 bytes) Hash 976dda397f9292a498ca9db5599c0378 dad9e9c3462907a2475046aee36d57f8309cd44e 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6844 x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flZsxH0YIAMF9ew= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:53:29 GMT age: 56579 etag: "dad9e9c3462907a2475046aee36d57f8309cd44e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11129 bytes) Hash 2797bfd35b7ec24888de84be14f7f2ec 8e315ac5856967286eaa8769e081d827fb4ca39e b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11129 x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffDBZGRPoAMFedg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 03:40:17 GMT age: 50171 etag: "8e315ac5856967286eaa8769e081d827fb4ca39e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13853 bytes) Hash d957012d3e2b8c3bc0eefe11d66e8554 1959fdd94846fa3791c4890578dd15336b909dcc a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13853 x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zzF4hIAMFwWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:47:13 GMT age: 71355 etag: "1959fdd94846fa3791c4890578dd15336b909dcc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5903 bytes) Hash 42a648f9d34d8fb703f0b80a52e0deec 7ccefd66211d249ae5266c3b6ae3375a19e5cb6d a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5903 x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fboufGeSoAMF-1g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 13:05:29 GMT age: 16259 etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12507 bytes) Hash 5190c0bdc6abe0ee258e9f8c20ddaf51 d60f280f8a742480527dbc32d08f321f972d4fcf 874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12507 x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fhklyFaJoAMFqKA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:55:07 GMT age: 70881 etag: "d60f280f8a742480527dbc32d08f321f972d4fcf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/img/7924359fabf0b4ed/1675186586143/tnjbV7clYWSeyP_	104.26.6.60	200 OK	61 B
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/img/7924359fabf0b4ed/1675186586143/tnjbV7clYWSeyP_ IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type PNG image data, 57 x 96, 8-bit/color RGB, non-interlaced\012- data Size 61 B (61 bytes) Hash f6937fe4b4170083affe1237d5ecdc28 773f85c8401f38cb1c8461292e1fbd38a76c2e76 09ee35e65fcfda1eaf3d35216c6f3c45590653cfbf1986d991a70d20dabf3bf9 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/img/7924359fabf0b4ed/1675186586143/tnjbV7clYWSeyP_ HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Connection: keep-alive Cookie: cf_chl_2=061905189baabe1 HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:28 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdFNCd9TmvB7pEfrW5A1Hs1k8I3ek5golqBuh%2BRzv1S4yRCH8t70d5IwANtRc1GgUjJWCEZHxfbcu7FZSs4k0cYJI2ky%2FB%2B87P%2FzAu6WAn28L8fFFdMcDmuCufJxt44J%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 792435b43d4eb4eb-OSL alt-svc: h2=":443"; ma=60

	s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1	104.26.6.60	200 OK	1.7 kB
URL HTTP/1.1 s3.romsfast.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1 IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (2220), with no line terminators Size 1.7 kB (1716 bytes) Hash a2506620137078ccbc89be89adb65e9a bd1a1fb5bca17e44b7f214f30dc6261973dfcc18 2ac0fc01a9aa63da56e99af0f2209b76d6cb663f5ebb36778749eb05bd9d42ac HTTP Headers POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.04823802233443124:1675184753:FlElvHgPeOgYZrQCnQXM__gJu9ZB5dbcle3o9eIgp-E/7924359fabf0b4ed/061905189baabe1 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 Content-type: application/x-www-form-urlencoded CF-Challenge: 061905189baabe1 Content-Length: 16730 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=061905189baabe1 HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 17:36:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive set-cookie: cf_chl_rc_ni=;Expires=Mon, 30 Jan 2023 17:36:29 GMT;SameSite=Strict cf_chl_out: aMStlI0xGJfsXgMNhaS9wclUPkkabQTcHpOga+5gUqCgV+hhT+E7wcD0d6yYi+R3FRz6FuBJkgD7N9b6zDDrOA==$qOVaFjrWPdKFbA+ERkLsGQ== cf_chl_out_s: 3QO6TgEoP3+ZcqW29Zw4KjasNcbWiEqg5IVCQwjVjCe53QpOeN/eXzRKy79nF5MNzu1nscRfss3ZmbRcqmylcCZD1qUJbRVUgEhNHF1XGl7fT4JFEAbjKzP0fpJZGZAWKYTqpXG1MFO27sWvbWJK/A==$q06omUC++Yj57gPxmnzyqA== Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR%2BkuSIj6%2Fd4CaQnsD7tO0iRUIJlqAd9REdVlqD9LwelXGSuGumGOmnndkT4rOEglEiveriBMeOuGCK0hCqyRqipJtOfEMHEM7LBymAwXGyaHYG8F28tL0Xck%2BXvlg%2Ftsw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 792435b7bb0cb4eb-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0	104.26.6.60	302 Found	0 B
URL HTTP/1.1 s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 IP 104.26.6.60:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=5OsVRI1vb_ykS1PxG29nWCsLCNtVXnFZ1piwoWxbiuM-1675186530-0-gaNycGzNCL0 HTTP/1.1 Host: s3.romsfast.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://s3.romsfast.com/NTSC-US/God%20of%20War%20II%20(USA).7z?__cf_chl_tk=iyVllExyyj2qFeAIrfqcSuySHGFip5B0zFq19AvCLtI-1675186585-0-gaNycGzNAxE Content-Type: application/x-www-form-urlencoded Content-Length: 1499 Origin: http://s3.romsfast.com Connection: keep-alive Cookie: cf_chl_2=061905189baabe1 Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Found Date: Tue, 31 Jan 2023 17:36:29 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: cf_chl_2=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.romsfast.com cf_clearance=nkOnBSN9JTCHqP02IG9Jj_Ee_Yx_XhYebj5JzPLgYWM-1675186589-0-150; path=/; expires=Wed, 31-Jan-24 17:36:29 GMT; domain=.romsfast.com; HttpOnly Location: https://romspure.cc Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CVESwPfjfLxYLLsk2Nyk3Mr3FfST48h7usAq39Mv%2BAKSnABzL4rfS0aLsdj0Hnbf%2Bsf6L8XaZMHbmTXoGJ7ZiO4E06tnr8hQrU%2FekdgXzsvJfQbNiH9hZTGVN1plBaCEg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 792435b82b93b4eb-OSL alt-svc: h2=":443"; ma=60

	e1.o.lencr.org/	23.36.76.226	200 OK	346 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 346 B (346 bytes) Hash c1f408aeb53afcf8ae06639928fc848f 1b6889f060ece10b84624b3cf2e7cc87729e51b6 4aae442152d94ec39ca031ff2315db24ff6bea6bff53f38e6ae859e115f025e3 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 346 ETag: "4AAE442152D94EC39CA031FF2315DB24FF6BEA6BFF53F38E6AE859E115F025E3" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20188 Expires: Tue, 31 Jan 2023 23:12:57 GMT Date: Tue, 31 Jan 2023 17:36:29 GMT Connection: keep-alive`

	romspure.cc/wp-content/uploads/2020/05/bg-search.png	104.26.4.97	200 OK	24 kB
URL HTTP/2 romspure.cc/wp-content/uploads/2020/05/bg-search.png IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type PNG image data, 1920 x 500, 8-bit colormap, non-interlaced\012- data Size 24 kB (24210 bytes) Hash 4afc52d0f0ef0723532ad66629522c81 cabdf5838f750ef8a22e910cdf1c4439f44f2810 3ad6d7e37cd007e5585b621a2f2f4e3d6a7724349233a296a338a2f62ff750df HTTP Headers `GET /wp-content/uploads/2020/05/bg-search.png HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: image/png content-length: 24210 last-modified: Fri, 29 Oct 2021 22:52:29 GMT etag: "617c7b2d-5e92" expires: Sat, 18 Feb 2023 08:22:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1070043 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U36FbRmfoN4MIkjrPQXbostYbfWVaVQ3XjN93AwL4X9DvtTTqLiC5GvqgPgSEqakrm3wWezf9hEQPPSGTrj%2BE00oZkOoCL1jwFGij7a6HxM3KGvAB1uicKkiITHU"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 792435badc75b503-OSL X-Firefox-Spdy: h2

	romspure.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	104.26.4.97	200 OK	16 kB
URL HTTP/2 romspure.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (47826) Size 16 kB (16489 bytes) Hash bcf5525e23266c3626f3ff2b0ba4724a 7e0c4677815d9b0084fab60120cce7a571376257 aa219b1b62b5fa4c8ca6e37380f178b33a2c11d150e6c0db6b8904e7006eb4be HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: text/css last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-172a9" expires: Wed, 15 Feb 2023 12:55:39 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1312849 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0ZqSsCdOVjQ3c1MMuxYHveXsydTV%2FNEwictLdSYKd9mdNrxARuFHxknGYc1foTuFQ%2F2%2B%2B095ogYXO0ZXmwyObo049xwdFqLvNNZRFZzURnYcoTeB%2BcAlTdcCj%2B4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435ba6bdfb503-OSL content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 69ffc0a3f7ca2b025a6b99f9c38889be 1b436bda66cd246a1024f8c3d8e91e3aeef31eaa 9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 69ffc0a3f7ca2b025a6b99f9c38889be 1b436bda66cd246a1024f8c3d8e91e3aeef31eaa 9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	romspure.cc/	104.26.4.97	200 OK	68 kB
URL HTTP/2 romspure.cc/ IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators Size 68 kB (67524 bytes) Hash 3358d51b646ed62820d2b2f6e099d090 a4c43ac46a34f4decc5a58c59efdfcfad604d9a5 b7d485bb9788a41df052fa841b0b2ea948015b573279a758168a8d2b1fe6121b HTTP Headers `GET / HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding last-modified: Mon, 30 Jan 2023 20:12:45 GMT x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8zwdduPFTQgbw5FYC3HbI3MWungwEENxPQDKe7%2BWFIx0LH49J5JRJN9PhmTh3dxlQksk%2FhrljZ%2F34f4DiBsSTTOgZHWS0CgDeFf24uEuT9%2B%2FqZ47m03L5gKMX2v"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435b88979b503-OSL content-encoding: br X-Firefox-Spdy: h2

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784	142.250.74.162	200 OK	50 kB
URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 IP 142.250.74.162:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (3642) Size 50 kB (50063 bytes) Hash cd893d03a3fd7f30bdd14ae04e246553 66dedba48fc08c772d2715cb59e645345506c98b 583695eb61e2b50e08d7cf255586fc9ef79ef19a5ea619db2f896f136da5be8e HTTP Headers `GET /pagead/js/adsbygoogle.js?client=ca-pub-5918973911368784 HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://romspure.cc Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Tue, 31 Jan 2023 17:36:30 GMT expires: Tue, 31 Jan 2023 17:36:30 GMT cache-control: private, max-age=3600 content-type: text/javascript; charset=UTF-8 etag: 3204600710708656095 access-control-allow-origin: * x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 50063 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 69ffc0a3f7ca2b025a6b99f9c38889be 1b436bda66cd246a1024f8c3d8e91e3aeef31eaa 9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html	216.58.207.226	200 OK	4.2 kB
URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html IP 216.58.207.226:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579) Size 4.2 kB (4242 bytes) Hash 2fb3574102373e2e076cfa2ff90cdf25 d06c985183def975546d6e47ab6369c11dcf7195 e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345 HTTP Headers GET /pagead/html/r20230125/r20190131/zrt_lookup.html HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding x-content-type-options: nosniff content-encoding: br server: cafe content-length: 4242 x-xss-protection: 0 date: Mon, 30 Jan 2023 18:54:51 GMT expires: Mon, 13 Feb 2023 18:54:51 GMT cache-control: public, max-age=1209600 etag: 10353107486223812946 content-type: text/html; charset=UTF-8 age: 81699 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d 736ae15d0ed2068580d35a7cff8b33c0ec87af52 24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	romspure.cc/wp-includes/css/classic-themes.min.css?ver=1	104.26.4.97	200 OK	15 kB
URL HTTP/2 romspure.cc/wp-includes/css/classic-themes.min.css?ver=1 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type ASCII text Size 15 kB (15295 bytes) Hash c82773e6ba30064c709ec44a6b5b1417 ce929e6571b48f5d01b01a92a3ab613eb63beae2 0c38fad95f74af5a7773fa6368c1ac8b107f0b2b11a9abf664abd806ef499afb HTTP Headers `GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: text/css last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-d9" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1312849 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRneUG67ZA1q8Qhv5Cmggqk0pHqySBwlWcO5lQajf%2Fhx0LgFFtaZhNFN5mq0UIa7R2zI%2FMGQ3gXw5pAw3JdgqFxYTVHhflF0HlmwFzDtHG1Y7OnkaJpCS%2B%2FqLUwL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435ba6be1b503-OSL content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 789b41f1f8027d4275a66ac9cb2f124d c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79 e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size 16 kB (15744 bytes) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 03:13:04 GMT expires: Fri, 26 Jan 2024 03:13:04 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 age: 483806 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 789b41f1f8027d4275a66ac9cb2f124d c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79 e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2	216.58.211.14	200 OK	46 kB
URL HTTP/2 fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2 IP 216.58.211.14:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1976) Size 46 kB (45700 bytes) Hash 8c7fa40e758dd7df4a31c196b35975d4 b6ea7a1e418123627b34c6f4f35fbd5616565f12 397728f231381b8bcc805cb14ff17ad38ec48ffee5174341ac2ddd2c2cd6d4b6 HTTP Headers `GET /i/ca-pub-6379699571015222?ers=2 HTTP/1.1 Host: fundingchoicesmessages.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 31 Jan 2023 17:36:30 GMT permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]} accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-xW-d8MspxD5F7b-ogK9awA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp" content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2	142.250.74.163	200 OK	128 kB
URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data Size 128 kB (128352 bytes) Hash 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 HTTP Headers `GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 128352 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Jan 2023 00:57:19 GMT expires: Sun, 28 Jan 2024 00:57:19 GMT cache-control: public, max-age=31536000 age: 319151 last-modified: Thu, 25 Aug 2022 00:26:06 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 17:36:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.163	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://romspure.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 10:05:58 GMT expires: Fri, 26 Jan 2024 10:05:58 GMT cache-control: public, max-age=31536000 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 age: 459032 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/css/bootstrap.min.css?ver=2	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/css/bootstrap.min.css?ver=2 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/css/bootstrap.min.css?ver=2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: text/css last-modified: Sat, 29 Feb 2020 16:58:31 GMT vary: Accept-Encoding etag: W/"5e5a9837-26326" expires: Sat, 18 Feb 2023 05:28:49 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1080460 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hc9nRHUDiEZlH2nPooRAkh7L2dOG1PvdJCy%2F8ZUH4VH6yGjkidV0G603wtdceXDMHTioGJvt%2BL21lQ%2FFZjGisd7dhzkyelwax%2BRZzodfesanBm0oY0Z0opLpwAWX"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435ba6be2b503-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:34 GMT content-type: application/javascript last-modified: Mon, 21 Nov 2022 15:20:44 GMT vary: Accept-Encoding etag: W/"637b974c-15e54" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1312854 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGj3mSypOlno7mqPyZHFfx3EMJzX7GYLhboPNpLtafdwJCqLADoHODqyQFp4U%2FFP37szz09tl3QPOKYlL8plYl0VmFcqYCB%2B%2F%2FsnJMEaIdICeH%2BTblQGnPb6laqT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435d559f6b503-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/style.css?ver=2.4	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/style.css?ver=2.4 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/style.css?ver=2.4 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:29 GMT content-type: text/css cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-bgj: minify cf-polished: origSize=15069 etag: W/"63a880e4-3add" expires: Thu, 23 Feb 2023 17:19:43 GMT last-modified: Sun, 25 Dec 2022 16:57:08 GMT pragma: public vary: Accept-Encoding cf-cache-status: HIT age: 605806 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95ojgGQ8cL2wTF6URcHmTZ6Ug%2BZjIZ4j%2BiW3w7ou6n1gK3aU6nYxS%2BmmSVs234%2BQk%2BscMLAy4Yqife0SXQhQPBFaKVI1sZJh8H9wQV2Ra0Uw1lx7lmRY7kfruzB5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435ba6be5b503-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/js/bootstrap.min.js?ver=2	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/js/bootstrap.min.js?ver=2 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/js/bootstrap.min.js?ver=2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:34 GMT content-type: application/javascript last-modified: Sat, 09 May 2020 10:09:29 GMT vary: Accept-Encoding etag: W/"5eb68159-17992" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1312854 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ly8C2GAzCQSQRsCpB357CsNY9xLpxoeGwkCR7V09cpSPQDXyVtDrkMhg74Tg3wFrPwbGDAg0%2B402cAwexeBFiMeSerJTgTktFADkCep0OkgXSJ3Ci4jyGXM8nHw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435d559fcb503-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-content/themes/k/js/site.js?ver=2.3	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-content/themes/k/js/site.js?ver=2.3 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/themes/k/js/site.js?ver=2.3 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:34 GMT content-type: application/javascript cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-bgj: minify cf-polished: origSize=7457 etag: W/"63a1d772-1d21" expires: Sat, 18 Feb 2023 04:47:44 GMT last-modified: Tue, 20 Dec 2022 15:40:34 GMT pragma: public vary: Accept-Encoding cf-cache-status: HIT age: 1082930 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aagthF6AbXz5i1PYHbZ4j%2B7gkBpwu%2FUC6PBC1BgYpOYxWU6rzVDYti1dZCfKd4HaDBwZL%2BFQiY9Q7urboKfwR9FRYY25YXqBR5mOI6%2FZU9k2epBHEMWXXjeLpyYp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435d57a20b503-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/	104.26.5.97	200 OK	0 B
URL HTTP/2 romspure.cc/ IP 104.26.5.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:26 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding last-modified: Mon, 30 Jan 2023 20:12:45 GMT x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey%2FNrEDnqKct3bOU3dwkyB%2BQjPrCzce1CWCT%2Br2SNyVyzqiHij8xN9HKv6%2FDWKpduTH%2B%2FvMcm%2F%2FvGtfn2cSiMyY7Y3mnmuR4lS63cNRU6nTMbNNzHG7WKOwpOpoH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435a2a886b529-OSL content-encoding: br X-Firefox-Spdy: h2

	romspure.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	104.26.4.97	200 OK	0 B
URL HTTP/2 romspure.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 104.26.4.97:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: romspure.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Tue, 31 Jan 2023 17:36:34 GMT content-type: application/javascript last-modified: Sun, 20 Dec 2020 18:03:22 GMT vary: Accept-Encoding etag: W/"5fdf91ea-2bd8" expires: Wed, 15 Feb 2023 12:55:40 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate pragma: public cf-cache-status: HIT age: 1312854 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv2esltPPAo6yid5D%2F1aT5msECNyIS97gMK5gbngu2zbLuuF3FWuaiY4YZPte1cnJxCtm8LrC42gZrrNTF7Y12xz15%2BX5i5VDdKnQMvnVQI%2B84KdRSKcWHIBHaY%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 792435d559fab503-OSL content-encoding: br X-Firefox-Spdy: h2

	fundingchoicesmessages.google.com/f/AGSKWxWJBENSOU-WfmCfVfS8qPG2__0U8Qh7mapj5N6tEdpd23u4Zt37_DTFBWTtvmWSSKnTocYaWWrJDD6Dohx8B7k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MTg2NjA4LDMzMDAwMDAwMF0sIjQ2NTFCRDNBLUM1MDYtNEZBRC1BOTQ2LTIxQzNGOUY1NzNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2MvIixudWxsLFtbOCwiUklMRTRrYThSMFEiXSxbOSwiZW4tVVMiXV1d	216.58.211.14	200 OK	0 B
URL HTTP/2 fundingchoicesmessages.google.com/f/AGSKWxWJBENSOU-WfmCfVfS8qPG2__0U8Qh7mapj5N6tEdpd23u4Zt37_DTFBWTtvmWSSKnTocYaWWrJDD6Dohx8B7k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MTg2NjA4LDMzMDAwMDAwMF0sIjQ2NTFCRDNBLUM1MDYtNEZBRC1BOTQ2LTIxQzNGOUY1NzNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2MvIixudWxsLFtbOCwiUklMRTRrYThSMFEiXSxbOSwiZW4tVVMiXV1d IP 216.58.211.14:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /f/AGSKWxWJBENSOU-WfmCfVfS8qPG2__0U8Qh7mapj5N6tEdpd23u4Zt37_DTFBWTtvmWSSKnTocYaWWrJDD6Dohx8B7k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MTg2NjA4LDMzMDAwMDAwMF0sIjQ2NTFCRDNBLUM1MDYtNEZBRC1BOTQ2LTIxQzNGOUY1NzNBRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2MvIixudWxsLFtbOCwiUklMRTRrYThSMFEiXSxbOSwiZW4tVVMiXV1d HTTP/1.1 Host: fundingchoicesmessages.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://romspure.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK content-type: application/javascript; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 31 Jan 2023 17:36:30 GMT cross-origin-resource-policy: cross-origin accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-8CifMBQdjqZVeZn_FjNoWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= cross-origin-opener-policy: same-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML