24.rokedon.com/l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.77.191301 Moved Permanently 0 B URL HTTP/1.1 24.rokedon.com/l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.77.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 24.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 13:21:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 14:21:10 GMT
Location: https://24.rokedon.com/l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c1fd97bfb0a21-ARN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2829
Expires: Thu, 01 Dec 2022 14:08:19 GMT
Date: Thu, 01 Dec 2022 13:21:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6556
Cache-Control: max-age=169158
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:21:10 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:20:28 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4723
Expires: Thu, 01 Dec 2022 14:39:53 GMT
Date: Thu, 01 Dec 2022 13:21:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 182
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0=
x-amz-request-id: Y36S7XDSBJA91GJ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 12:45:40 GMT
age: 2130
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 160d16cab4f56d84c998b4ccbfbe8e37
a461fcfdf87cb93c49e5a9589259ba2801360358
c04fed7a71c250e0c13b267c33ea8f2679e42981a8cdbfd2ac415cb705acfd14
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C04FED7A71C250E0C13B267C33EA8F2679E42981A8CDBFD2AC415CB705ACFD14"
Last-Modified: Thu, 01 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21281
Expires: Thu, 01 Dec 2022 19:15:51 GMT
Date: Thu, 01 Dec 2022 13:21:10 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7052d0be50b317ffa10af2cbb0bde662
0e15905e727c5e948a31d4e8a5f26a0572793be9
6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2681
Expires: Thu, 01 Dec 2022 14:05:52 GMT
Date: Thu, 01 Dec 2022 13:21:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:08:56 GMT
cache-control: public,max-age=3600
age: 735
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6546
Cache-Control: max-age=164084
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:21:11 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:55:55 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12254
Expires: Thu, 01 Dec 2022 16:45:26 GMT
Date: Thu, 01 Dec 2022 13:21:12 GMT
Connection: keep-alive
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://24.rokedon.com/
Origin: https://24.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://24.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 320 B URL HTTP/2 29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash eb7b6ab7a4941c2c6572b0f21a65e908
6cd80a6e70d9346990695f636963361666c21a04
85386bc13d0b35eda6b8a906397fefb0fe5b191a43315f0edae485c15c34a62c
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 29.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe2184e98ee-ARN
age: 16433
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://26.rokedon.com/
Origin: https://26.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://26.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v02oEerU9rbQhneT1CL2AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Bdy2WWk25ByZeXgFFcr/FUxfV8w=
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://24.rokedon.com/
Origin: https://24.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://24.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://25.rokedon.com/
Origin: https://25.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://25.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://26.rokedon.com/
Origin: https://26.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://26.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
30.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 348 B URL HTTP/2 30.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 210bc44ed77bf120c52e93c1fb3449b8
a0d4ca8dee8378043b70addb5286514549ea5396
c1a147bfaf96472dd8e5573615aa9ba31baf08e19524b2f917f239dffc076ad7
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 30.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe3699c98ee-ARN
age: 16432
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash fdddff4c3c44835d9114f6dbe45558a3
37a04073f1c8e5730e023a42ef8561c163682d41
baf0c18102b902aa7a3df33c5bcbbf8eadb3e9b5f41434f4bfdc3228da48e0a9
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://25.rokedon.com/
Content-Type: application/json
Origin: https://25.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 584f79d82ab564e1e82376d5ec01a0f1
access-control-allow-origin: https://25.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 9d1e7abb2e8ffb96bb1b73f238af6548
3652c64baccad1cd396e5bbcf2745736acb8cf31
78b49cfb1b87ccd10c2f2a1ac3fc7991b7de333fd3d9f36f5dfa4f190cac352c
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://26.rokedon.com/
Content-Type: application/json
Origin: https://26.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6273afede4daf244a8b158040d17c375
access-control-allow-origin: https://26.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://27.rokedon.com/
Origin: https://27.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://27.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://28.rokedon.com/
Origin: https://28.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://28.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://27.rokedon.com/
Origin: https://27.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://27.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://28.rokedon.com/
Origin: https://28.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://28.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 3d04a2000c8081bc42dfc9a35545aaa3
684f24c9fae9bf5498578b7b9b4e50f8fda5fc77
6f09d3cd65e30c1e36718bd97889797f88d49afacdd55f0e122345670fd4ef32
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://27.rokedon.com/
Content-Type: application/json
Origin: https://27.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 8eecb8b0c441f4b8e6b293ca93cd8e4a
access-control-allow-origin: https://27.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 2b5834897d21d9444b2581e6d638e309
12637d183cb37f83e90fd44bec3cebcf4b645a90
7c22607bf306175e6331d4ae37a5bc512c9f4a1ef392f876ab888351099d39b1
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://28.rokedon.com/
Content-Type: application/json
Origin: https://28.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 0d7b467738a680fe9cc4081639f36284
access-control-allow-origin: https://28.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://33.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.rokedon.com/
Origin: https://30.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://30.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://31.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://30.rokedon.com/
Origin: https://30.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://30.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 61ba5cccef9c29b0bad70d9e5de2c2e1
9b26561c7e2627e6b9bb90d2f8eddfa342553ca6
48bc39faf7242d26830760b14e24e2329f03e201064b128f5c5b9de41ec0245c
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.rokedon.com/
Content-Type: application/json
Origin: https://30.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 10e75953fb0120c639b6e8fd5fefe856
access-control-allow-origin: https://30.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://29.rokedon.com/
Origin: https://29.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://29.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.rokedon.com/
Origin: https://32.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://32.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
34.rokedon.com/l/PA/12/?resubscription=66&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 12 kB URL HTTP/2 34.rokedon.com/l/PA/12/?resubscription=66&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash dd184ac507067cd3af17ea86fec7c02b
ed82248d8911e56c34c4e5cf4f4795a34e5c6df3
b2c1915a09a0b86e4a48bd0c49e144942dd32f4a5473e8ee580ef4a17e8b98fb
GET /l/PA/12/?resubscription=66&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 34.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe82e0698ee-ARN
age: 8036
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
33.rokedon.com/l/PA/12/?resubscription=67&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 12 kB URL HTTP/2 33.rokedon.com/l/PA/12/?resubscription=67&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash dd184ac507067cd3af17ea86fec7c02b
ed82248d8911e56c34c4e5cf4f4795a34e5c6df3
b2c1915a09a0b86e4a48bd0c49e144942dd32f4a5473e8ee580ef4a17e8b98fb
GET /l/PA/12/?resubscription=67&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 33.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe6dce298ee-ARN
age: 7358
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://33.rokedon.com/
Origin: https://33.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://33.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
34.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 255 B URL HTTP/2 34.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 34.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe8eebd98ee-ARN
age: 8036
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 38 kB URL HTTP/2 31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 37ec165fb9631afbb914538f6f65b427
8eed73b7d8a6f9da6d4de400a8dae2a302096eb2
8fa413d0abf5b1a7c26312e5a4e667a9de08d19906c64f1c3c648585a61698b6
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe47abe98ee-ARN
age: 16431
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash a28e9d36daf416cb9ed565b8b3819f55
41b3af00c5090f5e07866cf158767485554f231c
3c427bccf119f3fedead485e8b70c4d5473452d58c9a15eadc6e1b8ce54049f4
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Content-Type: application/json
Origin: https://31.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c0a1e02692b25e8b82f7e29ae4fde0f0
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash c67fa1cd307f39dd079d525939d7e0fe
a231feb1896d501b65ef77ed6a06f42b1065c41b
11f8b3df094f050d5d706dc2afc420e39e00d9a4ae0aaa270d6b69c6e0bf512d
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://29.rokedon.com/
Content-Type: application/json
Origin: https://29.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: e80e0f13d4c15bb3d3256ef4ec12cb7f
access-control-allow-origin: https://29.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash c3c5edacce37088094dec406ccbe211c
1f273646a75901d2f22331fcbf077575a3038b83
84a2b0f2ddf5d269d148c5cbabe9c913198d24db2cf85aa499339387971ee82f
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33.rokedon.com/
Content-Type: application/json
Origin: https://33.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 5c588f81155538c8f68ae0fa6cdb68e1
access-control-allow-origin: https://33.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash e01c08b35cadf5af51c46df06bda98fe
51c8fa70189ec27a4138f26326218c9a6edb5104
0aa5a1b7f8e3f1cdf72c7d3ca381b537a9fbb01b268ed4cba4ad64ab67f581ea
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.rokedon.com/
Content-Type: application/json
Origin: https://32.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f8b64a58c3f0ffaf39d98a6c12189bf3
access-control-allow-origin: https://32.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://34.rokedon.com/
Origin: https://34.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://34.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 255 B URL HTTP/2 35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fea983d98ee-ARN
age: 7358
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0ec9ec798353d9929fd3a3d92f5a06cf
c3c1d0b1c3c97c115b4a362527ff6233b7581be6
50499b1742bf13a36024d722048261c8da9e38cfe8214fe1fe90e5758965b27a
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://34.rokedon.com/
Content-Type: application/json
Origin: https://34.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 127664fe65fb54cbb524b66b64a93601
access-control-allow-origin: https://34.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://35.rokedon.com/
Origin: https://35.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://35.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 1ae83e58b45560e0b65d3757e8761c05
a6bf7dbdfd3021e20c1d2a960b5a28217756b9e3
0690dad882b19e57d4a6ed32a50b101836009b3369cc4761c5dd026bd1cb1372
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35.rokedon.com/
Content-Type: application/json
Origin: https://35.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 9b1c3780e9f9a20967f9200f450a8a8c
access-control-allow-origin: https://35.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12776
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:21:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12776
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:21:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12776
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:21:13 GMT
Connection: keep-alive
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash a81c46c0a5c3f1c2e3ebc79b14231191
d4fb13c8badb168334d8c204917245d6b3272a16
b3330126244435f5e9f388be2ba2899f91c819c98c1a6e8d31f3268bad122e23
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12776
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:21:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 56186
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 56140
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 86379
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:29:35 GMT
age: 85898
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 55913
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 9169
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
33.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 33.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 33.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fed6ad098ee-ARN
age: 7358
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://36.rokedon.com/
Origin: https://36.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://36.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://37.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7052d0be50b317ffa10af2cbb0bde662
0e15905e727c5e948a31d4e8a5f26a0572793be9
6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2679
Expires: Thu, 01 Dec 2022 14:05:52 GMT
Date: Thu, 01 Dec 2022 13:21:13 GMT
Connection: keep-alive
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash abca83b6e3688f370dc80f70e77b3590
920d4bc9ddc1c8111da2770975a8bdfdc82ed99c
19d83953a498f756bac35b39da62cf5da5c41cbece7e2e011101d2722dfd3ca9
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://36.rokedon.com/
Content-Type: application/json
Origin: https://36.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: bd547778efe06b473082a09e3c90ed77
access-control-allow-origin: https://36.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
34.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 34.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 34.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fee9bdb98ee-ARN
age: 8037
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 498aa5b82891218a17839c0597ca0db9
187f8aa17b6dc83de7d16308df6cbdf0f15aae45
54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
38.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 255 B URL HTTP/2 38.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 38.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fee7bc998ee-ARN
age: 8035
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://38.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 583052a3abb85b0af8fb3ca5d95f88fe
ea06a909ad146f4dcefd4c5115f126325f4d778a
89275d92c11e49dc85574bc6fcd3cec4cbd220d540a5e309d0782c959aed2b27
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://37.rokedon.com/
Content-Type: application/json
Origin: https://37.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c61838c56733d2ff0b3ede0bc1a4a705
access-control-allow-origin: https://37.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
39.rokedon.com/l/PA/12/?resubscription=61&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 12 kB URL HTTP/2 39.rokedon.com/l/PA/12/?resubscription=61&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 836473c269312ec4377eb5348b0691d1
df72cc96040e76b6822f3091bd6c7d07c96c2414
d9e036699ee12b5cc22c3e4cbc110224fca2e3d9ba905ba7ceba3dcae9b3f2c8
GET /l/PA/12/?resubscription=61&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 39.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://38.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fef3caa98ee-ARN
age: 8035
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff01dc398ee-ARN
age: 7359
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
36.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 36.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 36.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff14eb698ee-ARN
age: 8036
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 255 B URL HTTP/2 2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 2.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff24fd198ee-ARN
age: 19265
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 255 B URL HTTP/2 1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff0be4a98ee-ARN
age: 19265
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
3.rokedon.com/l/PA/12/rnd.jpg
104.22.76.191200 OK 61 kB URL HTTP/2 3.rokedon.com/l/PA/12/rnd.jpg
IP 104.22.76.191:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data
Hash 267ebadd2b686bdc1f52a5f502e8c093
ca9892a0b64fb44d9d779c9d34244b7641e89473
891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65
GET /l/PA/12/rnd.jpg HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: image/jpeg
content-length: 60612
cf-ray: 772c1ff3a90a98ee-ARN
accept-ranges: bytes
age: 19265
etag: "l/PA/12/rnd.913476f985.jpg"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
3.rokedon.com/l/PA/12/skip-button.webp
104.22.76.191200 OK 5.0 kB URL HTTP/2 3.rokedon.com/l/PA/12/skip-button.webp
IP 104.22.76.191:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772c1ff388f098ee-ARN
accept-ranges: bytes
age: 19265
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
38.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 38.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 38.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff4399698ee-ARN
age: 8035
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:14 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.rokedon.com/
Origin: https://39.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://39.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://38.rokedon.com/
Origin: https://38.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://38.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3bb2905a925cd43a7bfd4947c7ad3ca4
d50d9c19f30c2287f243d75acd7905084cfd1a93
522c9b8498579c1e778512194554504ba294e2d9dc9fa4848a7de49a3baf8585
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=16699008123640enshtpis&var=163_US HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Origin: https://3.rokedon.com
Connection: keep-alive
Cookie: ID=a192cdac69d04477965010a487a88720
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://3.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a192cdac69d04477965010a487a88720; expires=Fri, 01 Dec 2023 13:21:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash f4a721cdf068489709442ebb9e43a829
962b4017647fd2a0b20faadffa00bee18e753a60
19a1b976e66dab0cee4991cbb323a37a53949f0d6a5a8eecf642cec0dc9d044f
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://38.rokedon.com/
Content-Type: application/json
Origin: https://38.rokedon.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 5c5de75020f3216354592723599ac148
access-control-allow-origin: https://38.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7819
Expires: Thu, 01 Dec 2022 15:31:34 GMT
Date: Thu, 01 Dec 2022 13:21:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7819
Expires: Thu, 01 Dec 2022 15:31:34 GMT
Date: Thu, 01 Dec 2022 13:21:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7819
Expires: Thu, 01 Dec 2022 15:31:34 GMT
Date: Thu, 01 Dec 2022 13:21:15 GMT
Connection: keep-alive
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
39.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 39.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 39.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff58aa398ee-ARN
age: 8036
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://2.rokedon.com/
Origin: https://2.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://2.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 8114fa005846700e5e1edbf8f7e3544a
a65da6e28d53af5ae05b811af9b0f6dee8052262
e860070a0eb513331a452f4e1e9a57046ce313d8b5674ca54cd096bf09213b95
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=1.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=1.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=1.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.rokedon.com/
Origin: https://1.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-length: 0
x-trace-id: 9ce0179d98975ecd6f7b6b2fe8d0b6c0
access-control-allow-origin: https://1.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=3.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=3.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=3.rokedon.com&var=163_US&ymid=16699008123640enshtpis&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Origin: https://3.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-length: 0
x-trace-id: 9039af4772180375a3bc4c74ce7461f4
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 2070972e785f02073d5fc78ce62ef23a
a39355bdbf1ba4b42b6219e87340d23e4e821a67
c8fe96133257bc3c5ea2c6837c480019fefc9f4b0467f7b1261e578f3e049d49
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.rokedon.com/
Content-Type: application/json
Origin: https://2.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 91420d4ef882adfd5d3c187bd43599d8
access-control-allow-origin: https://2.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
4.rokedon.com/l/PA/12/?resubscription=57&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 13 kB URL HTTP/2 4.rokedon.com/l/PA/12/?resubscription=57&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 5a6a37b689306d988ff7295f53a8980a
2800f92514c59b6f925d8457ebc15519b880163f
70e0bf00b901e864819a6a86692e3a24e9ef4f8841a408219ce7b0d0fc462b95
GET /l/PA/12/?resubscription=57&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 4.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Referer: https://3.rokedon.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1ff449ab98ee-ARN
age: 11873
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://3.rokedon.com/
Origin: https://3.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://39.rokedon.com/
Origin: https://39.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://39.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff69b7798ee-ARN
age: 19266
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 51f6fc285d3efde94d9647139e239c71
e5fbcd8d28e27b3be08556685fd91d655dc14f99
bf75c199b54c2973a31218f82d6647a270382bd4b0e6e82341e48a73e536e459
Analyzer Verdict Alert fortinet Malware
POST /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Content-Type: application/json
Origin: https://3.rokedon.com
Content-Length: 491
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 1fa8644ec280524828ee516156306d2a
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash f4b6e435cf7e38bf781d04eac61cee7b
8bcde18b28913475fa4a2689df169407396f3fa0
696ce79341449dc21e3eab4857bd26b1c5b7901dd098ce622726ea310555af9b
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.rokedon.com/
Content-Type: application/json
Origin: https://39.rokedon.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 50525e24c553f867b33bb2e155a66f19
access-control-allow-origin: https://39.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1.rokedon.com/
Origin: https://1.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 1bf860376a8aed3d33c6a00a277f2460
dc76375047ca34960b307887f3f51da868b35f24
c237063a872c3d2a4cc0648bf3155cf1234e534a0bb0e9df19e614932cd0c7d9
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.rokedon.com/
Content-Type: application/json
Origin: https://1.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 54a0d7976fba3c4d1be4f35307c3861e
access-control-allow-origin: https://1.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 2.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff7cc4798ee-ARN
age: 19266
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://3.rokedon.com/
Origin: https://3.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash cb1f38777e236e82bb5ff014271a47ec
687d90178465866c5777694ff4c55b1216f76092
5905deebeb32d300007c1784409fa51f7c06400bf81235ad5e0726690f8e8d89
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Content-Type: application/json
Origin: https://3.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6d6f230310737f5d1e5421800130da93
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
3.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191304 Not Modified 0 B URL HTTP/2 3.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:21:15 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1ff91dbf98ee-ARN
age: 19266
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:21:15 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://27.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
38.rokedon.com/l/PA/12/?resubscription=62&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 38.rokedon.com/l/PA/12/?resubscription=62&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=62&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 38.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://37.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1feddb2b98ee-ARN
age: 8034
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
2.rokedon.com/l/PA/12/?resubscription=59&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 2.rokedon.com/l/PA/12/?resubscription=59&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=59&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 2.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1ff18eea98ee-ARN
age: 11878
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
28.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 28.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 28.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe12f9898ee-ARN
age: 16433
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
32.rokedon.com/l/PA/12/?resubscription=68&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 32.rokedon.com/l/PA/12/?resubscription=68&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=68&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 32.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe48ace98ee-ARN
age: 8036
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
24.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 24.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 24.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fdcdbd698ee-ARN
age: 16436
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
25.rokedon.com/l/PA/12/?resubscription=75&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 25.rokedon.com/l/PA/12/?resubscription=75&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=75&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 25.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fdcfbe898ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
26.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 26.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 26.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fdecd6498ee-ARN
age: 16435
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
27.rokedon.com/l/PA/12/?resubscription=73&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 27.rokedon.com/l/PA/12/?resubscription=73&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=73&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 27.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fdedd6c98ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://25.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
27.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 27.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 27.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fdf9e2698ee-ARN
age: 16434
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
28.rokedon.com/l/PA/12/?resubscription=72&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 28.rokedon.com/l/PA/12/?resubscription=72&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=72&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 28.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://27.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fdfbe5698ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
31.rokedon.com/l/PA/12/?resubscription=69&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 31.rokedon.com/l/PA/12/?resubscription=69&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=69&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe379d098ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://32.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1ff2d86098ee-ARN
age: 11875
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
26.rokedon.com/l/PA/12/?resubscription=74&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 26.rokedon.com/l/PA/12/?resubscription=74&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=74&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 26.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://25.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fde0ca498ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
30.rokedon.com/l/PA/12/?resubscription=70&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 30.rokedon.com/l/PA/12/?resubscription=70&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=70&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 30.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://29.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe268a098ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=65&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://34.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fe9df8d98ee-ARN
age: 7358
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
33.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 33.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 33.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe79d9598ee-ARN
age: 7357
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
37.rokedon.com/l/PA/12/?resubscription=63&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 37.rokedon.com/l/PA/12/?resubscription=63&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=63&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 37.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://36.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fec59a498ee-ARN
age: 8035
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
37.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 37.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 37.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fed3a9b98ee-ARN
age: 8034
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
1.rokedon.com/l/PA/12/?resubscription=60&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 1.rokedon.com/l/PA/12/?resubscription=60&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=60&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1ff05df098ee-ARN
age: 11878
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
3.rokedon.com/favicon.ico
104.22.76.191200 OK 0 B URL HTTP/2 3.rokedon.com/favicon.ico
IP 104.22.76.191:0
GET /favicon.ico HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:14 GMT
content-type: image/vnd.microsoft.icon
cf-ray: 772c1ff3a90f98ee-ARN
age: 18000
etag: W/"favicon.ff38969f14.ico"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
24.rokedon.com/l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 24.rokedon.com/l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=76&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 24.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1fdbaab598ee-ARN
age: 11350
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
32.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
104.22.76.191200 OK 0 B URL HTTP/2 32.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=164_CA&ymid=1669900812956evugm5mwd HTTP/1.1
Host: 32.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1fe59bac98ee-ARN
age: 8036
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
36.rokedon.com/l/PA/12/?resubscription=64&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 36.rokedon.com/l/PA/12/?resubscription=64&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=64&clickid=1669900812956evugm5mwd&source=164&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=CA&partner=PA&language=en-US&unixtime=1669900812&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 36.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:21:13 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1feb089698ee-ARN
age: 8035
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://28.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:21:12 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2