35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.77.191301 Moved Permanently 0 B URL HTTP/1.1 35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.77.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 18:19:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 19:19:06 GMT
Location: https://35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772dd442af3398f0-ARN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5809
Expires: Thu, 01 Dec 2022 19:55:55 GMT
Date: Thu, 01 Dec 2022 18:19:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Thu, 01 Dec 2022 19:05:32 GMT
Date: Thu, 01 Dec 2022 18:19:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: max-age=149350
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:19:06 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:48:16 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 858ccc37bb85c2810d29eec05e52d56a
04dd96e5f377cc33458fcd826d3a32b727db57cb
554df4b6886756d4db260b4def9388ef79f83ad23b9760c90465e8643c2dd3b4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "554DF4B6886756D4DB260B4DEF9388EF79F83AD23B9760C90465E8643C2DD3B4"
Last-Modified: Thu, 01 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3181
Expires: Thu, 01 Dec 2022 19:12:07 GMT
Date: Thu, 01 Dec 2022 18:19:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DACa23VMWdoG5wTS4gQ6niRTPRrwLUvl4azW2AOJB64xOpseSQZ1gPp2F4X6NFUa0unl+OCqh/o=
x-amz-request-id: 7YN1KTPBJQFMBP0D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 17:45:45 GMT
age: 2001
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 18:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 58
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c62523ca30605920594218fb706490c5
cac65b3ac81c635ddbd784393c84fa5f297db5c2
bc07280715717ebf0c72d05d018bd84837d26c4f89935e8598345f5f92f602b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC07280715717EBF0C72D05D018BD84837D26C4F89935E8598345F5F92F602B4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3265
Expires: Thu, 01 Dec 2022 19:13:31 GMT
Date: Thu, 01 Dec 2022 18:19:06 GMT
Connection: keep-alive
1.rokedon.com/l/PA/12/skip-button.webp
172.67.13.145200 OK 5.0 kB URL HTTP/2 1.rokedon.com/l/PA/12/skip-button.webp
IP 172.67.13.145:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.rokedon.com/l/PA/12/?resubscription=60&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772dd449e90bb4fd-OSL
accept-ranges: bytes
age: 34957
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 611
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3177
Expires: Thu, 01 Dec 2022 19:12:04 GMT
Date: Thu, 01 Dec 2022 18:19:07 GMT
Connection: keep-alive
2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 39 kB URL HTTP/2 2.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
File type ASCII text, with very long lines (554)
Hash a5a82272ef791171fb77d271a88a84d5
99318026348b1cd9e38c0a6c480a9e6df874ef01
bca9b7f3de3f714ce182ad6f59e7936de28e2dca21ff0b3cd6dce64d07cb91e7
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 2.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44b7b19b4fd-OSL
age: 34957
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3177
Expires: Thu, 01 Dec 2022 19:12:04 GMT
Date: Thu, 01 Dec 2022 18:19:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3177
Expires: Thu, 01 Dec 2022 19:12:04 GMT
Date: Thu, 01 Dec 2022 18:19:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4625
Cache-Control: max-age=144287
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 18:19:07 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:23:54 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3550cd1f826fe84067c7258b95c74b6a
0a137293e17b00350bc5baae5da5684f4845b24a
e86b3e08f6d87e354ed6980676043f65902c5d5b49bc4c79b25e49bf32f12c88
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35.rokedon.com/
Origin: https://35.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://35.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f87deda828434eeb86286f77a54a69c5; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7a4476b0c25c17c47848757ce1d3702a
fa5b6f0e199691bec50dbc40083e70dd12491e97
6c0047ec5723c94fc1fba16042acfe2cfa234a4513e0b7218007cf5257757a37
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://36.rokedon.com/
Origin: https://36.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://36.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=10fe4aa2d1b94e3687933036be3730fc; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash a56033db61355e726a40c5f3451c97a2
5858a7ee1451fe8b8780ec2cb3d32f8b1dd24d93
dd04387f1d757803c1ed6f0747cbedbf1e9bd11b56f1766424774aa70faf6e2f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://37.rokedon.com/
Origin: https://37.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://37.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d33a8346e7af4f648c43241886e35d3e; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://38.rokedon.com/
Origin: https://38.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://38.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://35.rokedon.com/
Origin: https://35.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://35.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://36.rokedon.com/
Origin: https://36.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://36.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://37.rokedon.com/
Origin: https://37.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://37.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.rokedon.com/
Origin: https://39.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://39.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://38.rokedon.com/
Origin: https://38.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://38.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.38.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8aOfisicrb1gAziC4/HqNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B4twxb5ivONL+hHYfs3DkAF5ODY=
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 9c25257a896f793cb249b3596c56073e
e0483d0b745b297981e0283f90f311957c4ce4ec
4fbf042673040f7e9056b2fa45f7e9ef049956ab33421bc405b24ab19e3964d1
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35.rokedon.com/
Content-Type: application/json
Origin: https://35.rokedon.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6be35f522c2de8dc1b080ba35796df5b
access-control-allow-origin: https://35.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 6fe8948cb222c053997289b2c1299a09
cc3f0e0a8d64a5c3782aea68239151195ed1d16f
e6e3796ef433041b727b47be5fcf0aa1b4455f1bcd0f2ca66d982b59725a6177
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://37.rokedon.com/
Content-Type: application/json
Origin: https://37.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: defc074226acdcf5c92c6c3aa3dd3125
access-control-allow-origin: https://37.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0c5c46f25e9a5677f8bbe8774245d767
09f536593bc14325f2c806498651dc363abdac7e
88005d3abab0ee92327eac9bc6affcc03d0723bb0de461010877b6e29bfb2d01
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://36.rokedon.com/
Content-Type: application/json
Origin: https://36.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: bc33f9e9d86316c7ed5cf1205bf74138
access-control-allow-origin: https://36.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.rokedon.com/
Origin: https://1.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://1.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
6.rokedon.com/l/PA/12/skip-button.webp
172.67.13.145200 OK 5.0 kB URL HTTP/2 6.rokedon.com/l/PA/12/skip-button.webp
IP 172.67.13.145:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 6.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.rokedon.com/l/PA/12/?resubscription=55&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772dd44e8ec7b4fd-OSL
accept-ranges: bytes
age: 34955
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash c2a0d7ec988e9daf6135c2212f5e4b3f
4b64e4f110bbb1b270cbc35ddc353767e08c4f17
c6e13732376534bcc693e02144b2f27f66688bf912d9c6429adff62f7109eb39
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://38.rokedon.com/
Content-Type: application/json
Origin: https://38.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 716c41960ac470c19fe650791e2d26b8
access-control-allow-origin: https://38.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.rokedon.com/
Origin: https://2.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://2.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://39.rokedon.com/
Origin: https://39.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://39.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
7.rokedon.com/l/PA/12/skip-button.webp
172.67.13.145200 OK 5.0 kB URL HTTP/2 7.rokedon.com/l/PA/12/skip-button.webp
IP 172.67.13.145:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 7.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.rokedon.com/l/PA/12/?resubscription=54&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772dd44f5fcbb4fd-OSL
accept-ranges: bytes
age: 34956
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 76 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash f264b37729b9f07a111872e2c76e9253
7b95546743b04a2b40aa8787fd7093badd678d8b
14077ed5be8f6c22aa375302b96d1073ae4136512b9cf62ef27f1935494e5b9a
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
7.rokedon.com/l/PA/12/?resubscription=54&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 12 kB URL HTTP/2 7.rokedon.com/l/PA/12/?resubscription=54&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash dd184ac507067cd3af17ea86fec7c02b
ed82248d8911e56c34c4e5cf4f4795a34e5c6df3
b2c1915a09a0b86e4a48bd0c49e144942dd32f4a5473e8ee580ef4a17e8b98fb
GET /l/PA/12/?resubscription=54&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 7.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44eff31b4fd-OSL
age: 18356
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
8.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 255 B URL HTTP/2 8.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 8.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4507914b4fd-OSL
age: 34955
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 7dcee746c9554cdd08514efe613a75ce
e6f381b858215f1c663b523d6521736025f7d793
1745e372b0c85ed069ee6bd821c6f8db87a87ee63ed6d5766a97f2f917140c4d
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.rokedon.com/
Content-Type: application/json
Origin: https://1.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 7f307474388cdd4d80ef0c189b17af5e
access-control-allow-origin: https://1.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
5.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 349 B URL HTTP/2 5.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
File type ASCII text, with very long lines (554)
Hash 2a49ec2e22515a000417b3e556b35dbf
ec2b6a9b36e84ef15da8506d41b7006c127a6b5e
6675a12f75a9e0c43ee3a7b5fe1077756870a174d44b839f3779b511d9884e48
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 5.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44dee18b4fd-OSL
age: 34955
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Origin: https://3.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://3.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.rokedon.com/
Origin: https://4.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://4.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
36.rokedon.com/l/PA/12/?resubscription=64&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 12 kB URL HTTP/2 36.rokedon.com/l/PA/12/?resubscription=64&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash dd184ac507067cd3af17ea86fec7c02b
ed82248d8911e56c34c4e5cf4f4795a34e5c6df3
b2c1915a09a0b86e4a48bd0c49e144942dd32f4a5473e8ee580ef4a17e8b98fb
GET /l/PA/12/?resubscription=64&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 36.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://35.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4457b8db4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5.rokedon.com/
Origin: https://5.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://5.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 159fb4c763dd338f774052db02892701
859ef5980bd8191b60946fc441882a9411068758
0aae31a09cd38494915b511cd2756cc5d50491fbd22be9fc534d1377eb5c7260
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.rokedon.com/
Content-Type: application/json
Origin: https://3.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: fe4a4b427b73ff063a474a547742e44e
access-control-allow-origin: https://3.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://4.rokedon.com/
Origin: https://4.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://4.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5dd60b74c367c9ecee67a32bfd8e8227
7ffe803d5b56e4b97e70f2162b4b4c5aa706632c
aecae78a466e81871d00c7f609cf74a1822d5198262eef4a9fbe508cfe64dba1
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 4fdb88201e2b85d1cf89700a8b42d81d
62f4c53dc1f625c80edffca38515fc37415392a8
5d6c22f4c5bf6a1ac8dc212fd6719a14776bd349872bc16fc9f43c7e5a250fc0
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.rokedon.com/
Content-Type: application/json
Origin: https://4.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 419d84116ee1d9787e2b5783c9b44a76
access-control-allow-origin: https://4.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 64fa339e8470a0070a80b2436f584e5e
f4f810b5e8cb5b8e3bd30bdd8bf47bc0d4f78330
1c512c82fedca988f72cf258a95b1a85f4ff994f75030642e45646e6355bee27
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5.rokedon.com/
Content-Type: application/json
Origin: https://5.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2f86173c549cee76197574e9fbb82518
access-control-allow-origin: https://5.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 55 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 7e485b36bda0c1fcbce777eb6fee0afb
c41fb54442a7d6282b50775dd343e5e837e80101
2908d6ee6c725689c580e7b5e9b6e2b20df87db09216c3fde81c9a091e6d6eb2
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
11.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 319 B URL HTTP/2 11.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
File type ASCII text, with very long lines (554)
Hash 9d3f266f39ca06abd816e605ddc1e667
55accf7c0887cae0c3e645f0ee529c19ba849fb5
35667eaadb0de129f846977095a06cc78d087524a87368c4f3de9b6ac6703245
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 11.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4532cdeb4fd-OSL
age: 34954
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.rokedon.com/
Origin: https://6.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://6.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.rokedon.com/
Origin: https://9.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://9.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
10.rokedon.com/l/PA/12/?resubscription=51&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 50 kB URL HTTP/2 10.rokedon.com/l/PA/12/?resubscription=51&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 27baa9ca0d7be4c7badc89a91aea8920
81ad1e97dfef725291b11d1c074a012950ae086a
d007acc48f22e5deb1a61711bec6df9e01a51563987072036f9ae8543daf9422
GET /l/PA/12/?resubscription=51&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 10.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4517aa2b4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 320 B URL HTTP/2 13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
File type ASCII text, with very long lines (554)
Hash 74452c427ad9110be87cc6d258965bb3
7fcb37f63c98d20691571b6660cd583bb128e431
357772394b97deee4245c2d0520a2322e582feb86d2a3b81e695e81e7f2749cd
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4553fccb4fd-OSL
age: 34954
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://6.rokedon.com/
Origin: https://6.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://6.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
9.rokedon.com/l/PA/12/?resubscription=52&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 12 kB URL HTTP/2 9.rokedon.com/l/PA/12/?resubscription=52&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash e88e6f3f237075c11b1c117df202a0c1
696136cf45c3b96b627bbda484ac04b807f21843
8f8d2f723da378bea3670dae80f4dca026e539335bd7d7a748a1c79a8d3e6687
GET /l/PA/12/?resubscription=52&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 9.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd450994ab4fd-OSL
age: 18232
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 750a7d5b8bd1802c4990051ac3ae4500
d72a346125b243a4cea37d2aaa00e93016717c7e
c17e6c51cab057a04df21c77768f474ee96e349d72e86a72d7e6f3a7863f626b
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
14.rokedon.com/l/PA/12/skip-button.webp
172.67.13.145200 OK 5.0 kB URL HTTP/2 14.rokedon.com/l/PA/12/skip-button.webp
IP 172.67.13.145:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://14.rokedon.com/l/PA/12/?resubscription=47&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: image/webp
content-length: 5006
accept-ranges: bytes
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 772dd45658e9b4fd-OSL
X-Firefox-Spdy: h2
11.rokedon.com/l/PA/12/?resubscription=50&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 73 kB URL HTTP/2 11.rokedon.com/l/PA/12/?resubscription=50&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 1fa686b24352c9673922815cb3c7bdb4
a342f0fe547bc1355610b0afa66502621a6b0e99
ec60bb1bcd280fa45d5093cf4c2e14149588b5bbd17386d5345a39a8abb7df70
GET /l/PA/12/?resubscription=50&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 11.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4524beab4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://8.rokedon.com/
Origin: https://8.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://8.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://9.rokedon.com/
Origin: https://9.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://9.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash a8dd10141e797acb98c404469b1dec7a
faa298e058e744f2c38608199fd7ed635e9dd837
f7e333bc1226538aafe424bef44e9c4a5d7f8e3d98589cad00bb983f4557386e
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8.rokedon.com/
Content-Type: application/json
Origin: https://8.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: d0bfb0d9d6f4226246335f299f0f3d95
access-control-allow-origin: https://8.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
15.rokedon.com/l/PA/12/?resubscription=46&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 12 kB URL HTTP/2 15.rokedon.com/l/PA/12/?resubscription=46&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash bed9a40cbf888ce38e0a4ede580dfcae
1261b9820ebc91d2f214b7871d7c2aa2c10b7817
6c025e264f390d31ca66998e6458f84f2aa9165ee417a0aa4e20b6aa8a06ca45
GET /l/PA/12/?resubscription=46&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 15.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://14.rokedon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd457caafb4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6131
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 18:19:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6131
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 18:19:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6131
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 18:19:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 73629
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
14.rokedon.com/favicon.ico
172.67.13.145200 OK 11 kB URL HTTP/2 14.rokedon.com/favicon.ico
IP 172.67.13.145:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 43bc7e4cb8599adcaba3abcad6f1132a
fa61797a7135be5fa4b1d6bad1fa7bb334bc87f4
83a0e06f0a4b1a974f2b52bc65bc1a64638e457483268fd49fdb46ec4a457985
GET /favicon.ico HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://14.rokedon.com/l/PA/12/?resubscription=47&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: image/vnd.microsoft.icon
etag: W/"favicon.ff38969f14.ico"
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 772dd45719cdb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 73899
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 45233
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 84063
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 17:08:13 GMT
age: 4256
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10.rokedon.com/
Origin: https://10.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://10.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11.rokedon.com/
Origin: https://11.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://11.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://12.rokedon.com/
Origin: https://12.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://12.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://13.rokedon.com/
Origin: https://13.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://13.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://10.rokedon.com/
Origin: https://10.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://10.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://12.rokedon.com/
Origin: https://12.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://12.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669918634972x890hg2e3&var=163_OM
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669918634972x890hg2e3&var=163_OM
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7f8aa6239923bcf9bbd6f111f1d700a3
af401b33c56f922fbdf7b3474b36ce242bf82362
92c015fd1de74730f3ba9163c2122e4c7d1f6bca9fa51dbea323c04fcceb2b4a
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669918634972x890hg2e3&var=163_OM HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Cookie: ID=deb172d406404c85bbd3b090be7725f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://14.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=deb172d406404c85bbd3b090be7725f1; expires=Fri, 01 Dec 2023 18:19:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://11.rokedon.com/
Origin: https://11.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://11.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0c5a4b2cd43dc7a962d6983f4275c251
c3a81a82a22d0e7698e6ae202eb844c78b3026a4
609be0713c784afc8fc398b648e1f060648e395edba906e8842bda0e75b5f447
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10.rokedon.com/
Content-Type: application/json
Origin: https://10.rokedon.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 4ea8bfda05b4fceebd1b21b1f4534cc2
access-control-allow-origin: https://10.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 119d195a6fbf6f85be2e6804bba58efa
4f4d779c97871d462dd4522ca5de64e89afaac79
0da446101f6c24823b7d4955d6636e51ac7bc0d9858ed5d68c36820caf6bd590
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://12.rokedon.com/
Content-Type: application/json
Origin: https://12.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2505952f417b48cd62fb33514b87bbd5
access-control-allow-origin: https://12.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash bfb783a58f721c12d7dcb209cca229a0
c0a43dc1b5d35505b88c807d6f146dc3e1001ff7
79f5a9bc2922fcd430a4c2b7c7179bfae9295b6dc6f8852c9aa26fde6ee834c8
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11.rokedon.com/
Content-Type: application/json
Origin: https://11.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 319db58189641fc35e089c67bf08b6da
access-control-allow-origin: https://11.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10939
Expires: Thu, 01 Dec 2022 21:21:28 GMT
Date: Thu, 01 Dec 2022 18:19:09 GMT
Connection: keep-alive
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-length: 0
x-trace-id: 164b1aa53d88f254a56118d927456743
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0a6b232c972b7eb725752f13eb2c2d38
90f066cd1feefff50585b04f2f31db3690c77653
d2357540a72b7b1906bda68fc4ed15ad6d114f66bf4e98ac273a870d0b65c717
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Content-Type: application/json
Origin: https://14.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 29d639db9f6d45deee7dd947627bbcd9
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=settings
139.45.197.251200 OK 693 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=settings
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (692)
Hash da5f93dde67263d753ca7508e89e4048
7c3a89017cde2422b1f840bb2e67bddc26d7d98c
f7242fa92beb69973bd122ad7c91becd07738a1a8a7f2678d2af829797e26e18
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=14.rokedon.com&var=163_OM&ymid=1669918634972x890hg2e3&var_3=&dsig=&nt=true&action=settings HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/json; charset=utf-8
content-length: 693
x-trace-id: e6376d693d8720902ea2b0dbfc32e478
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://13.rokedon.com/
Origin: https://13.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://13.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0a6b232c972b7eb725752f13eb2c2d38
90f066cd1feefff50585b04f2f31db3690c77653
d2357540a72b7b1906bda68fc4ed15ad6d114f66bf4e98ac273a870d0b65c717
Analyzer Verdict Alert fortinet Malware
POST /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Content-Type: application/json
Origin: https://14.rokedon.com
Content-Length: 492
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:10 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: bd5f21e7ed001745e31af63891fd65b0
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 4e4891477a22f293dd578436ba5ed1a6
183e333a371f4763b67ff5c4568741b6bc118fde
cdf551eea7189cc51b0c0dda1c0a03c8cb6d6e98f36fbd960122829e5057ee88
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://13.rokedon.com/
Content-Type: application/json
Origin: https://13.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:10 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6cad98576c66db18d187c33198247955
access-control-allow-origin: https://13.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
5.rokedon.com/l/PA/12/?resubscription=56&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 5.rokedon.com/l/PA/12/?resubscription=56&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=56&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 5.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44d1d16b4fd-OSL
age: 386
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
37.rokedon.com/l/PA/12/?resubscription=63&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 37.rokedon.com/l/PA/12/?resubscription=63&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=63&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 37.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd446cd09b4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://37.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://39.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 1.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44a194bb4fd-OSL
age: 34957
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
4.rokedon.com/l/PA/12/?resubscription=57&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 4.rokedon.com/l/PA/12/?resubscription=57&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=57&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 4.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44c6c47b4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
14.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 14.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd45668f1b4fd-OSL
age: 18345
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 35.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4456b76b4fd-OSL
age: 18355
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
39.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 39.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 39.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4495843b4fd-OSL
age: 18356
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://35.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://38.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
12.rokedon.com/l/PA/12/?resubscription=49&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 12.rokedon.com/l/PA/12/?resubscription=49&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=49&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 12.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4534d07b4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 35.rokedon.com/l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=65&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 35.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44419e5b4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
36.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 36.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 36.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd446bcf2b4fd-OSL
age: 18355
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
37.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 37.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 37.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd4477dd3b4fd-OSL
age: 18355
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
39.rokedon.com/l/PA/12/?resubscription=61&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 39.rokedon.com/l/PA/12/?resubscription=61&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=61&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 39.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://38.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4488f49b4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://14.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
13.rokedon.com/l/PA/12/?resubscription=48&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 13.rokedon.com/l/PA/12/?resubscription=48&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=48&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4547ec1b4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
14.rokedon.com/l/PA/12/?resubscription=47&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 14.rokedon.com/l/PA/12/?resubscription=47&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=47&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://13.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:09 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4559827b4fd-OSL
age: 18345
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
1.rokedon.com/l/PA/12/?resubscription=60&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 1.rokedon.com/l/PA/12/?resubscription=60&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=60&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 1.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://39.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd4496851b4fd-OSL
age: 20945
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 3.rokedon.com/l/PA/12/?resubscription=58&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=58&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44b7b1db4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
6.rokedon.com/l/PA/12/?resubscription=55&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
172.67.13.145200 OK 0 B URL HTTP/2 6.rokedon.com/l/PA/12/?resubscription=55&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 172.67.13.145:0
GET /l/PA/12/?resubscription=55&clickid=1669918634972x890hg2e3&source=163&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=OM&partner=PA&language=en-US&unixtime=1669918634&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 6.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 772dd44dfe20b4fd-OSL
age: 18355
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
4.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 4.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 4.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44cfcf5b4fd-OSL
age: 34956
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
12.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 12.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 12.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd453fe13b4fd-OSL
age: 34954
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
6.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 6.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 6.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44ebee1b4fd-OSL
age: 34955
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
7.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 7.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 7.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44f9814b4fd-OSL
age: 34956
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:08 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 18:19:06 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
3.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
172.67.13.145200 OK 0 B URL HTTP/2 3.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3
IP 172.67.13.145:0
GET /sw-check-permissions-4789821.js?z=4789821&var=163_OM&ymid=1669918634972x890hg2e3 HTTP/1.1
Host: 3.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 18:19:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772dd44c5c35b4fd-OSL
age: 34956
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2