romspure.cc Open in urlscan Pro
172.67.68.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Submission: On December 07 via manual (December 7th 2022, 1:47:24 am UTC) from AU — Scanned from AU

Summary HTTP 60 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 60 HTTP transactions. The main IP is 172.67.68.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is romspure.cc. The Cisco Umbrella rank of the primary domain is 403645.
TLS certificate: Issued by E1 on October 19th 2022. Valid for: 3 months.

This is the only time romspure.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	172.67.68.35 172.67.68.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
8	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
2	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
8	74.125.200.132 74.125.200.132	15169 (GOOGLE) (GOOGLE)
2	142.251.12.138 142.251.12.138	15169 (GOOGLE) (GOOGLE)
2	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
2	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	74.125.24.139 74.125.24.139	() ()
60	12

9 172.67.68.35 (United States)

ASN13335 (CLOUDFLARENET, US)

romspure.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f138.1e100.net

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.139 (None, )

ASN- ()

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	298 KB
9	romspure.cc romspure.cc — Cisco Umbrella Rank: 403645	82 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	147 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 87 mts0.google.com — Cisco Umbrella Rank: 4693 fundingchoicesmessages.google.com	117 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com Failed	28 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	94 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	2 KB
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 71188	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	698 B
60	9

	Domain	Requested by
9	romspure.cc	romspure.cc
8	tpc.googlesyndication.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net romspure.cc
5	pagead2.googlesyndication.com	romspure.cc pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	mts0.google.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.com.au	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	fonts.gstatic.com Failed	fonts.googleapis.com
60	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
modyolo.com
facebook.com

Subject Issuer	Validity	Valid
*.romspure.cc E1	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Frame ID: A507AD1774F180EAFAEC0E79FF8B1B56
Requests: 17 HTTP requests in this frame

Frame: https://romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670371200
Frame ID: D5326CCF9E436142F9C97F4E2C8A5686
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: CBFA458F1F0B3938A7973C07CB693FB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&adk=1812271804&adf=3025194257&lmt=1670366301&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640376&bpp=5&bdt=899&idt=1010&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4604561591881&frm=20&pv=2&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1028
Frame ID: 0A3191893382F9433C12EBABD09ABF7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=2565714337&adf=1559032184&pi=t.ma~as.6419107180&w=1200&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=1200x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640381&bpp=2&bdt=905&idt=1031&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tWAfHdVDLt&p=https%3A//romspure.cc&dtd=1036
Frame ID: ABC03E85DD04D313203080577508E906
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045
Frame ID: 4D87A50B8B447EA828982809530EA440
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Frame ID: 0367AAB560EEF8258F936BAE4AE3E84E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A41186F1D1722B32935FA9B69D0340F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6C0D68F76147421F47432F0B24E09C6D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pokémon Scarlet and Violet - NSW ROMs & XCI - Download

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

60
Requests

70 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

1
Countries

770 kB
Transfer

2338 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Title: Share On Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/&title=Pok%C3%A9mon%20Scarlet%20and%20Violet&summary=&source=
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://modyolo.com/
Title: MODYOLO – Best MOD APK Site

Search URL Search Domain Scan URL

URL: https://facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://pinterest.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/ 76 KB
17 KB 718ms
507ms Document
text/html 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02dd885bd795984b4709c07f22ac77db71b33e1332be6d01a2cbbe5f102a30d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 775997b3d9ffa962-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 01:47:19 GMT
last-modified: Tue, 06 Dec 2022 22:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cu1ZTXI0d%2BrMONxv2WdYZLd%2B6e5GN6Gs7WbaC3gKmvg9kbadiV6dkqJkrGBJzzU2T83Rg5RmJPP0KeFHSOmey39mkjxljCsN6KWA4mJ2VuNz73unAdAoOvIvcoT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
romspure.cc/wp-includes/css/dist/block-library/ 93 KB
13 KB 135ms
134ms Stylesheet
text/css 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 15:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1333471
etag: W/"637b974c-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vtt8e1G%2B%2FlmTfupR5wxwCQDFrTrSOuKjmuTg4agz1VJZkXXHT%2FWpfyx57TpSLN5uMtyObpg4dsKB96jCgtMO%2F9mpJQZLiCA1iSYdEG7o%2BtfKIJGKMHPp3YzaJCOr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 775997b70f39a962-SYD
expires: Wed, 21 Dec 2022 15:22:48 GMT

GET
H2 200 classic-themes.min.css
romspure.cc/wp-includes/css/ 217 B
488 B 132ms
132ms Stylesheet
text/css 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 15:20:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1333471
etag: W/"637b974c-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BpoH%2BgEmAWs7%2BXId%2FiwiFtA3mBPyzoHAR67bF6Vecimny1nO9kM7yzl%2BGC5jiE%2B5HtLOnnrFMM93Ud4rFYWX9ISWiSkEdotXjc5D3fELaF9fuLGpGUczYTaUfQ6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 775997b70f3ca962-SYD
expires: Wed, 21 Dec 2022 15:22:48 GMT

GET
H2 200 bootstrap.min.css
romspure.cc/wp-content/themes/k/css/ 153 KB
24 KB 112ms
111ms Stylesheet
text/css 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/wp-content/themes/k/css/bootstrap.min.css?ver=2
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7737950114ba3476ad0f51b84dbbf7cf544be0e1cb0b2a471e966ec6def87c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Feb 2020 16:58:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13239
etag: W/"5e5a9837-26326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0RGt7gExijBrOxQL6hSs7Ter33DaqOQUZd3Cj50HRD%2Bx05iHOKiwQbAGjPtbKcgAhfAHJ1s6nvAwC7Ldh3dopMnMD%2F0TheyhTNmjOdQU8xba6M6bGAGgtedQLL8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 775997b70f3da962-SYD
expires: Thu, 05 Jan 2023 22:06:40 GMT

GET
H2 200 style.css
romspure.cc/wp-content/themes/k/ 10 KB
3 KB 148ms
147ms Stylesheet
text/css 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/wp-content/themes/k/style.css?ver=2.1
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf86061f13509e5d8666197e46be2b351c7e011a1895ec17b6ff6e82005fa76

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13239
cf-polished: origSize=15049
pragma: public
cf-bgj: minify
last-modified: Wed, 14 Apr 2021 14:04:25 GMT
server: cloudflare
etag: W/"6076f669-3ac9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRN05bl40CtXPLyqAOk3W32r2WNk%2Fi3Gvx3oY5VQXR3CpMy7ZmWE2XwxmBUVarQcn9%2BeVvskdykN03Ix2%2FqoqLlqPnrQ%2FFCi2kPnbLGT3fTIZOxTaDKWLtaIrGzE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 775997b70f43a962-SYD
expires: Thu, 05 Jan 2023 22:06:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 591ms
205ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222

Requested by

Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

30a2506dc6eecbe81effe2cca3bd4eee521b3afd409eaa571a6a17289c24ac1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Origin: https://romspure.cc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49656
x-xss-protection: 0
server: cafe
etag: 12653703737175022142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 01:47:19 GMT

GET
H2 200 email-decode.min.js Show response
romspure.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1016 B 103ms
103ms Script
application/javascript 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://romspure.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6387a18d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tC6Z8MyrCaed7o2y7FIHQ8LBq60dBcKYpVCJayMIpOv2tU0frCIshEd676h27qtBlueqbKw4OVL9vKe3OAQHyNkSItRTi6mAOedLJmBbYyubMu69E9HFinkich9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 775997b838e3a962-SYD
expires: Fri, 09 Dec 2022 01:47:19 GMT

GET
H2 200 invisible.js Show response
romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame D532 38 KB
16 KB 107ms
107ms Script
application/javascript 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670371200
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e870266e365832bcb61c68f97bdfc5c39a9c82946c92fb22f5c7518458f0d8

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gn56L329q7uEQLIAD0RvTRCT6inr4U3UU39yEEEIT%2FgIu2%2Bf5uV5g9NuTKwfNUtqTXqjTXlKQmITghbEkhn6JDmfwD4lgKOoFmxOxvwFHdVXWAZtsbfcYAkiZjeC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 775997b90a35a962-SYD

GET
H2 200 pica.js
romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/ Frame D532 17 KB
7 KB 105ms
104ms Other
application/javascript 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: romspure.cc
URL: https://romspure.cc/roms/nintendo-switch/pokemon-scarlet-and-violet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f78638ef41abe08a00d805175aeab026c1594ca694d66c78d3aa17834179c3cf

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1htH5LyR4%2B43YZEYQw8VLJdHo7ZY1qU5HhqOy8IASg%2Bg82bMilZmrbCvq0YIcOujvXfNbLLWWictgdgbc9QdXsb1fpWW0%2FnOQVM%2BlhP%2BXF4UQpD7yXP%2BCWOASdz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 775997b9db97a962-SYD

POST
H2 200 775997b3d9ffa962 Show response
romspure.cc/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D532 2 B
558 B 216ms
215ms XHR
text/plain 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://romspure.cc/cdn-cgi/challenge-platform/h/g/cv/result/775997b3d9ffa962
Requested by: Host: romspure.cc
URL: https://romspure.cc/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670371200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Dec 2022 01:47:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775997bc7f38a962-SYD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feUUy%2F%2Fxu%2FJTwCELNlHxHNVzLiiB6ELAln5k8yNJXmyDPmuC5Xhum2EIRcbOiz3c5u3Abd%2B4SbGj2v2D2FqHK4mxWavXQqJGxHh6Rfvy6DiVbBSO2b0h5mq7Kl6P"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 602ms
216ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

c0ec2fa02fd34020890039bc531b40618004c02d367357064244d4eac985949b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119781
x-xss-protection: 0
server: cafe
etag: 14261338759903450380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 01:47:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame CBFA 10 KB
5 KB 576ms
191ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 50698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:42:22 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 11:42:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
698 B 578ms
192ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=romspure.cc&callback=_gfp_s_&client=ca-pub-6379699571015222&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

016c550c4b1da8947a19e9c99533a93ff7f3c70408c349307f45feb2e2dd54ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 585ms
194ms Script
application/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=romspure.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 580ms
193ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=romspure.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A31 277 KB
68 KB 1373ms
1071ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&adk=1812271804&adf=3025194257&lmt=1670366301&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640376&bpp=5&bdt=899&idt=1010&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4604561591881&frm=20&pv=2&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1028

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ce03a6b10735d1f5e455b7946d986efc5e995f30d490c4122d7f79d12f5e704f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69025
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:47:22 GMT
expires: Wed, 07 Dec 2022 01:47:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABC0 102 KB
33 KB 1055ms
754ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=2565714337&adf=1559032184&pi=t.ma~as.6419107180&w=1200&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=1200x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640381&bpp=2&bdt=905&idt=1031&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tWAfHdVDLt&p=https%3A//romspure.cc&dtd=1036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

adf730b28e1429067c06ebe7f35f386a97b74815a8e7014ca5a249034c8f9b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33711
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:47:22 GMT
expires: Wed, 07 Dec 2022 01:47:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D87 102 KB
33 KB 1191ms
890ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

76a2795077a32827303cf06c7355161eb7683b23deae8ad79d2400ed68d7b0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33565
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 01:47:22 GMT
expires: Wed, 07 Dec 2022 01:47:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame ABC0 8 KB
1 KB 580ms
195ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=2565714337&adf=1559032184&pi=t.ma~as.6419107180&w=1200&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=1200x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640381&bpp=2&bdt=905&idt=1031&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tWAfHdVDLt&p=https%3A//romspure.cc&dtd=1036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 01:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:21:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 01:47:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame ABC0 2 KB
799 B 819ms
432ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 19:15:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABC0 0
0 204ms
203ms Fetch
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6RTdqfCPY4HJMtXX9QOw366ADrf60uVtxdL94c0QZBABINaUuChgpYCAgJABoAGc6rj7A8gBCakCwvTcyu1ypj6oAwHIA8sEqgSKAk_Qu53rITG1dlImx_VF3CwGcV9-O8qP0RrQ4vNDQJxvKnLoAGMyJ1d1Gi-1P0egEnoZnuoThKSc6FmCkaJkY6K3wRtpftTHh2p2KMPuBcvs2jhs3QT4B6UQRlbFsPcktvdn-NKMq-QwcZAwv-wFXu9gu25GEUnklDhkE3OnR8RhOzSR9BSzpvfFPQTXDRjwNZBnb5590UQfioGT_QlxTciJthe5LY1rAtNi9HDummleSBmw-35sdSgcWV5iNhr8Ms5RnU0B1MMNAXcfwiLBgj9fFwitHPu5vzVeujO_emWOKoYARPZ3gQXKo4MN-FNH-DPRXeExOB7fi8OJ-7Mi97jV1qp1f-KbDHADwASKie_3ggSSBQQIBBgBkgUECAUYBKAGLoAHzJXHBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMD1DdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAZgMx8zN4YgEuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02Mzc5Njk5NTcxMDE1MjIyGAA&sigh=VvmxIdvlcSU&uach_m=[UACH]&cid=CAQSGwDq26N9EzPpR53xQPZVRYJG_d33r_fDwDW7kBgBIBM&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=2565714337&adf=1559032184&pi=t.ma~as.6419107180&w=1200&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=1200x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640381&bpp=2&bdt=905&idt=1031&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tWAfHdVDLt&p=https%3A//romspure.cc&dtd=1036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Dec 2022 01:47:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 01:47:22 GMT

GET
H2 400 data=WZ6NwH9Tn9AWNZ4_aB3DQIm1UtEcXqMrTyy63bmkHGNFstULBB1nHgj1W5lRmfMPpXA7a2ZjFPKcQl9EGASO3wQw2jJuB8Q7oLmvLVqleyUkYXJxbHvEbNSw
mts0.google.com/vt/ Frame ABC0 0
0 776ms
386ms Image
text/html 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=WZ6NwH9Tn9AWNZ4_aB3DQIm1UtEcXqMrTyy63bmkHGNFstULBB1nHgj1W5lRmfMPpXA7a2ZjFPKcQl9EGASO3wQw2jJuB8Q7oLmvLVqleyUkYXJxbHvEbNSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=2565714337&adf=1559032184&pi=t.ma~as.6419107180&w=1200&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=1200x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640381&bpp=2&bdt=905&idt=1031&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=72&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tWAfHdVDLt&p=https%3A//romspure.cc&dtd=1036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f138.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame ABC0 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ABC0 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame ABC0 23 KB
9 KB 554ms
217ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 13:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 13:28:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame ABC0 3 KB
1 KB 759ms
424ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 19:34:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame ABC0 18 KB
7 KB 729ms
394ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 14:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 14:56:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABC0 153 KB
47 KB 580ms
193ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 01:47:23 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame ABC0 34 KB
14 KB 578ms
191ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 18:50:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4D87 8 KB
968 B 398ms
196ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 01:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:15:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 01:47:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 4D87 2 KB
846 B 628ms
423ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 19:15:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D87 0
0 204ms
203ms Fetch
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS51sqfCPY4iVM5errQG61Z7gDbf60uVthdD94c0QZBABINaUuChgpYCAgJABoAGc6rj7A8gBCakCmn8oAh9zpj6oAwHIA8sEqgSJAk_QZUJRm4X9rjY9WFN24NBG1qTgXSUzcMqPE7dlUzAxyU1pIrztUeYnMf7xD-VM44Jwgw0HkgS_oIjhkAL15WkZVYfUT4-B2tyq-usFTMVw416G3i8eTFo4lV_hbBjTIjTWarsHmnp3M8oYtnJ7PhQNxq4T31QvJFsaNhrwapTfoHuCs6L0e4bPKEyIpqdS2p676zLJcfPs5h5N_1TsTQgnxDW-r7A2tGBrDVRJ5hN5FEXIErhiOi8-hlZoUPOZ8n8bMCgY3foIOYf3SZhVUUV4k_RF4PpKMQof015Joq6KwjLrVDiTWeDinZfT5nnI3O-Q3_qLeUEOxtl0SKuwOkgmDYZ-GzcYPKDABIqJ7_eCBJIFBAgEGAGSBQQIBRgEoAYugAfMlccEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6LEP0ggPCIBhEAEYHzICigI6AoBAgAoByAsBmAzHzM3hiAS4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTYzNzk2OTk1NzEwMTUyMjIYAA&sigh=Hgt3Js1Qgi0&uach_m=[UACH]&cid=CAQSGwDq26N97BlIKhLilLKjpeenUiscEQqYTt-RyBgBIBM&template_id=515

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Dec 2022 01:47:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 01:47:22 GMT

GET
H2 200 data=GUyfJKaE8rr7ldRE5VXYIuYbERWl8D6a1G8pKSfU7Ai9SAqTODeEYRGzWU4fOveNIMuQW8SrHG8omnKvePCX02TTFHfc0bdVY51KQwCaMpGTxR4M9yQRhlax
mts0.google.com/vt/ Frame 4D87 77 KB
77 KB 726ms
519ms Image
image/png 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=GUyfJKaE8rr7ldRE5VXYIuYbERWl8D6a1G8pKSfU7Ai9SAqTODeEYRGzWU4fOveNIMuQW8SrHG8omnKvePCX02TTFHfc0bdVY51KQwCaMpGTxR4M9yQRhlax

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d0e8e164be0db203777acced5f0777e2a0a7a36356b793b3fe052ac6ad143bc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78441
x-xss-protection: 0
x-server-version-bin: CggIBBD+27acBg==
server: scaffolding on HTTPServer2
etag: 0b888ae08efd598ef
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 07 Dec 2022 02:47:23 GMT

GET
DATA 200
OK truncated
/ Frame 4D87 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4D87 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 4D87 23 KB
10 KB 370ms
194ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 13:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 13:28:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 4D87 3 KB
1 KB 609ms
433ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 19:34:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 4D87 18 KB
7 KB 427ms
253ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 14:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 14:56:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D87 153 KB
47 KB 702ms
475ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 01:47:23 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 4D87 34 KB
14 KB 455ms
229ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379699571015222&output=html&h=280&slotname=6419107180&adk=4285387226&adf=3992001438&pi=t.ma~as.6419107180&w=825&fwrn=4&fwrnh=100&lmt=1670366301&rafmt=1&format=825x280&url=https%3A%2F%2Fromspure.cc%2Froms%2Fnintendo-switch%2Fpokemon-scarlet-and-violet%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670377640383&bpp=1&bdt=906&idt=1042&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4604561591881&frm=20&pv=1&ga_vid=399685646.1670377641&ga_sid=1670377641&ga_hid=1133129267&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=4324076034214793&tmod=410170656&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hhqZnXuFZy&p=https%3A//romspure.cc&dtd=1045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 18:50:55 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 921ms
920ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

744dc78c11ce9812a66200e9f6419178e3308200c57e248262b538e88566a98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 5280788249565217220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 01:47:23 GMT

GET
H2 200 ca-pub-6379699571015222 Show response
fundingchoicesmessages.google.com/i/ 112 KB
39 KB 607ms
222ms Script
application/javascript 74.125.24.139

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6379699571015222?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

1059671630086d28b43b6f59809f3e1e5cfccc1dc5197d32c08e942f35daba74

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EhjIRKKVqlJ75-Kx6RDSPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EhjIRKKVqlJ75-Kx6RDSPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 80 KB
27 KB 201ms
200ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6379699571015222

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

7dc6710e63120f7361053613c0891335a81648ff13d8fc318de161814b996fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://romspure.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28111
x-xss-protection: 0
server: cafe
etag: 8484436544985244145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 01:47:23 GMT

GET
DATA 200
OK truncated
/ Frame 4D87 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 558764d9755fcf21ca3269ec874f288bc8caade1530cf4aad2e637c3a228119e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ABC0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2ab2ce91b26c24358e4ad20983618819f1956fb21585d6200cd49c56e94f5a6

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame ABC0 0
0

GET
H3 200 T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0367 36 KB
16 KB 193ms
192ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

sffe /

Resource Hash

4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 20:33:52 GMT

GET 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4D87 0
0

GET AGSKWxUoGHGtNCLJEqhoJT6o91GRGdKmqB5NTI_wmI1JIGgLYGs-xQCXjC2fgD-3gdveIT13iq3ZA1BmdI28ffcU1iI=
fundingchoicesmessages.google.com/f/ 0
0

GET integrator.js
adservice.google.com.au/adsid/ 0
0

GET integrator.js
adservice.google.com/adsid/ 0
0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 3A41 10 KB
4 KB 191ms
191ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 50685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:42:39 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 11:42:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 6C0D 10 KB
4 KB 191ms
191ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://romspure.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 50685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:42:39 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 11:42:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET css2
fonts.googleapis.com/ Frame 3A41 0
0

GET feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A41 0
0

GET settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A41 0
0

GET interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 3A41 0
0

GET css
fonts.googleapis.com/ Frame 6C0D 0
0

GET load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6C0D 0
0

GET adview
googleads.g.doubleclick.net/pagead/ Frame 6C0D 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 6C0D 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6C0D 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 6C0D 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C0D 0
0

GET 83de75e735dabeddf4e705de6f0a2f41.js
www.gstatic.com/mysidia/ Frame 6C0D 0
0

GET 1947144469864387208
tpc.googlesyndication.com/simgad/ Frame 6C0D 0
0

GET
DATA 200
OK truncated
/ Frame 6C0D 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6C0D 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxUoGHGtNCLJEqhoJT6o91GRGdKmqB5NTI_wmI1JIGgLYGs-xQCXjC2fgD-3gdveIT13iq3ZA1BmdI28ffcU1iI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcwMzc3NjQzLDg0ODAwMDAwMF0sIjczM0IxNjgzLTFBODItNEY4RC04QUQ5LUExRDU3MUE3NzExMCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcm9tc3B1cmUuY2Mvcm9tcy9uaW50ZW5kby1zd2l0Y2gvcG9rZW1vbi1zY2FybGV0LWFuZC12aW9sZXQvIixudWxsLFtbOCwiZGRaQlpYbEpYclUiXSxbOSwiZW4tR0IiXV1d

Domain: adservice.google.com.au
URL: https://adservice.google.com.au/adsid/integrator.js?domain=romspure.cc

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=romspure.cc

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Domain: www.gstatic.com
URL: https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Domain: www.gstatic.com
URL: https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=CiLCSqfCPY8ToMZqO9QO2zLTYCrf60uVt1cb94c0QZBABINaUuChgpYCAgJABoAGc6rj7A8gBCakCwvTcyu1ypj6oAwHIA8sEqgSQAk_QOG1FiyK_oNx_jiNJQVvOXHCKfyteWIdnbcvn5JBrJ7m4V23i2xeqLhCLNtB1lR4gyl-pVA5qSK0GG_2tmILJfGpBy4foXi7--HgogT9b6uUaWlvRQLGnXjj6vmnT9sH7olW8VRGLVddfFhoWrLQ9YkvmmQx_T3O_8mJHz1SH80Csr7AT-In5QlZ8E32_XAU-oFGAJlMm7BW58ZQyqT1nrb3_1AxjDLRZUM7QliqYmpyyQtlIZpeaLS8fK5mNtz0sO-PHm2hPF0nVKYsir7SQ8lLRo3kFbs2mHIRUeXoEw2K9ikjL66ycpMRx6_ZtFhVjeQ9nphtXRJ-EzWu-9wvli7KbGxJQ_woL-e-wgS98wASKie_3ggSSBQQIBBgBkgUECAUYBKAGLoAHzJXHBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENLjDNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAZgMx8zN4YgEuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02Mzc5Njk5NTcxMDE1MjIyGAA&sigh=V-EhzEH6Mjg&uach_m=[UACH]&cid=CAQSGwDq26N9dT5Yq5177HFys4fzFVClmA0GrLQvThgBIBM&template_id=515

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/1947144469864387208?w=100&h=100

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.romspure.cc/	1970-01-20 07:59:39	Name: __cf_bm Value: RP2bLTQ1CzmPejpXn7l7RTKXqbTyaQsplt5rkym0kXk-1670377640-0-ATrnwZAhPO6MncvLvpyUL9S40Okij5ccNvOquXPzKBITZWCQcga1Gv/FgiIV8U4j+YBM1O0JX0QZ352Oml1bGnmVAgrJnSzGcBFVAv+plgiVqjELf2SmBPqXyTqpVGFNnKK9HyZ/vGgjICEgugO6X60=
.romspure.cc/	1970-01-20 17:21:13	Name: __gads Value: ID=7bc4fa64a7598900-22a387e8c2d80025:T=1670377641:RT=1670377641:S=ALNI_MYvNgMv-t85nW9RdeasR_fGHUTVmQ
.romspure.cc/	1970-01-20 17:21:13	Name: __gpi Value: UID=00000b8b7aac0638:T=1670377641:RT=1670377641:S=ALNI_MZKFE1Dj7cX7hDf_hmfwxjdgwZQWw
.doubleclick.net/	1970-01-20 17:35:37	Name: IDE Value: AHWqTUkTEBGFRntx7Vwxn95kBZE8Am_cHzgNhRxQTStrxLGRjUzMU_t0K2TkmNfboV0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=WZ6NwH9Tn9AWNZ4_aB3DQIm1UtEcXqMrTyy63bmkHGNFstULBB1nHgj1W5lRmfMPpXA7a2ZjFPKcQl9EGASO3wQw2jJuB8Q7oLmvLVqleyUkYXJxbHvEbNSw Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
romspure.cc
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
adservice.google.com
adservice.google.com.au
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
142.250.4.154
142.250.4.156
142.251.10.157
142.251.10.94
142.251.12.138
172.217.194.155
172.67.68.35
74.125.200.132
74.125.24.139
74.125.24.157
74.125.24.95
016c550c4b1da8947a19e9c99533a93ff7f3c70408c349307f45feb2e2dd54ea
02dd885bd795984b4709c07f22ac77db71b33e1332be6d01a2cbbe5f102a30d6
1059671630086d28b43b6f59809f3e1e5cfccc1dc5197d32c08e942f35daba74
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
30a2506dc6eecbe81effe2cca3bd4eee521b3afd409eaa571a6a17289c24ac1c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
558764d9755fcf21ca3269ec874f288bc8caade1530cf4aad2e637c3a228119e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
744dc78c11ce9812a66200e9f6419178e3308200c57e248262b538e88566a98f
76a2795077a32827303cf06c7355161eb7683b23deae8ad79d2400ed68d7b0ed
7dc6710e63120f7361053613c0891335a81648ff13d8fc318de161814b996fed
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d7737950114ba3476ad0f51b84dbbf7cf544be0e1cb0b2a471e966ec6def87c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
adf730b28e1429067c06ebe7f35f386a97b74815a8e7014ca5a249034c8f9b84
b3e870266e365832bcb61c68f97bdfc5c39a9c82946c92fb22f5c7518458f0d8
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0ec2fa02fd34020890039bc531b40618004c02d367357064244d4eac985949b
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ce03a6b10735d1f5e455b7946d986efc5e995f30d490c4122d7f79d12f5e704f
d0e8e164be0db203777acced5f0777e2a0a7a36356b793b3fe052ac6ad143bc9
e2ab2ce91b26c24358e4ad20983618819f1956fb21585d6200cd49c56e94f5a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf86061f13509e5d8666197e46be2b351c7e011a1895ec17b6ff6e82005fa76
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f78638ef41abe08a00d805175aeab026c1594ca694d66c78d3aa17834179c3cf
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

romspure.cc Open in urlscan Pro 172.67.68.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

70 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

12 IPs

1 Countries

770 kBTransfer

2338 kBSize

4 Cookies

8 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

romspure.cc Open in urlscan Pro
172.67.68.35 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

70 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

1
Countries

770 kB
Transfer

2338 kB
Size

4
Cookies

60 HTTP transactions
8 data transactions