urlquery - report: 13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
r3.o.lencr.org (10)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3380	8865	23.33.119.27
15.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1191	38787	104.22.76.191
my.rtmark.net (11)	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5589	8173	139.45.195.8
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
e1.o.lencr.org (1)	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338	729	23.33.119.27
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	52.41.253.170
21.rokedon.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488	562	104.22.76.191
25.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1234	13113	104.22.76.191
27.rokedon.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488	562	104.22.76.191
31.rokedon.com (6)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3737	67610	104.22.76.191
choupsee.com (3)	93673	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1529	2004	139.45.197.251
32.rokedon.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	647	281	104.22.76.191
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1534	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
17.rokedon.com (3)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1725	1149	104.22.76.191
23.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1166	5608	104.22.76.191
22.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1234	13202	104.22.76.191
14.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1191	845	104.22.76.191
19.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1424	5582	104.22.76.191
18.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1234	590	104.22.76.191
foapsovi.net (53)	95036	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24740	291757	139.45.197.251
29.rokedon.com (3)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1725	1243	104.22.76.191
28.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1280	586	104.22.76.191
20.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1234	590	104.22.76.191
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2373	34.102.187.140
16.rokedon.com (3)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1725	13097	104.22.76.191
26.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1234	938	104.22.76.191
30.rokedon.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1280	586	104.22.76.191
13.rokedon.com (4)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2307	14073	104.22.77.191
img-getpocket.cdn.mozilla.net (5)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2705	49296	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-12-01	medium	choupsee.com/event	Malware

Date	UQ / IDS / BL	URL	IP
2022-12-01 18:19:03 UTC	0 - 0 - 2	31.rokedon.com/l/PA/12/?resubscription=69&cli (...)	104.22.76.191
2022-12-01 18:18:34 UTC	0 - 0 - 2	32.rokedon.com/l/PA/12/?resubscription=68&cli (...)	104.22.76.191
2022-12-01 18:13:06 UTC	0 - 0 - 2	24.rokedon.com/l/PA/12/?resubscription=76&cli (...)	104.22.76.191
2022-12-01 13:24:21 UTC	0 - 0 - 2	34.rokedon.com/l/PA/12/?resubscription=66&cli (...)	104.22.76.191
2022-12-01 13:24:13 UTC	0 - 0 - 2	33.rokedon.com/l/PA/12/?resubscription=67&cli (...)	104.22.76.191

Date	UQ / IDS / BL	URL	IP
2023-05-30 13:40:39 UTC	0 - 0 - 2	www.livnej.monster/8f95s23p95QMt8617b2O3e7tUx (...)	104.21.72.174
2023-05-30 13:40:12 UTC	0 - 1 - 0	nos.spuent.top/	188.114.96.1
2023-05-30 13:39:59 UTC	0 - 3 - 0	bitpromining.website/go/94/44	104.21.22.253
2023-05-30 13:39:11 UTC	4 - 0 - 0	maildata-updates.info/word-document-preview/s (...)	172.67.178.242
2023-05-30 13:38:55 UTC	0 - 0 - 5	www.statefarmz.us/12182-130-5760-248934/mm/ri (...)	104.21.86.60

Date	UQ / IDS / BL	URL	IP
2022-12-26 06:48:32 UTC	0 - 0 - 2	25.rokedon.com/	104.21.90.111
2022-12-01 19:14:40 UTC	0 - 0 - 2	rokedon.com/camp5	104.22.77.191
2022-12-01 18:21:07 UTC	0 - 0 - 2	10.rokedon.com/l/PA/12/?resubscription=90&cli (...)	172.67.13.145
2022-12-01 18:20:49 UTC	0 - 0 - 3	28.rokedon.com/l/PA/12/?resubscription=72&cli (...)	104.22.77.191
2022-12-01 18:19:17 UTC	0 - 0 - 2	35.rokedon.com/l/PA/12/?resubscription=65&cli (...)	104.22.77.191

Date	UQ / IDS / BL	URL	IP
2022-12-01 18:18:34 UTC	0 - 0 - 2	32.rokedon.com/l/PA/12/?resubscription=68&cli (...)	104.22.76.191
2022-12-01 13:22:15 UTC	0 - 0 - 2	28.rokedon.com/l/PA/12/?resubscription=72&cli (...)	172.67.13.145
2022-11-17 15:28:49 UTC	0 - 0 - 3	22.malokom.com/l/PA/12/?resubscription=78&cli (...)	104.22.32.204

Request	Response
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	104.22.77.191 HTTP/1.1 301 Moved Permanently Date: Thu, 01 Dec 2022 13:17:58 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 01 Dec 2022 14:17:58 GMT Location: https://13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Vary: Accept-Encoding Server: cloudflare CF-RAY: 772c1b290d1009b4-ARN --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3021 Expires: Thu, 01 Dec 2022 14:08:19 GMT Date: Thu, 01 Dec 2022 13:17:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6362 Cache-Control: max-age=169156 Date: Thu, 01 Dec 2022 13:17:58 GMT Etag: "63888270-1d7" Expires: Sat, 03 Dec 2022 12:17:14 GMT Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 0c748388899e8a8d3680355da2ea5020 Sha1: 903c620cd137613daafb0da0508c37b2f4a67212 Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4915 Expires: Thu, 01 Dec 2022 14:39:53 GMT Date: Thu, 01 Dec 2022 13:17:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 01 Dec 2022 12:18:08 GMT cache-control: public,max-age=3600 age: 3590 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0= x-amz-request-id: Y36S7XDSBJA91GJ4 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 01 Dec 2022 12:45:40 GMT age: 1938 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 13:17:58 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "C04FED7A71C250E0C13B267C33EA8F2679E42981A8CDBFD2AC415CB705ACFD14" Last-Modified: Thu, 01 Dec 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21472 Expires: Thu, 01 Dec 2022 19:15:51 GMT Date: Thu, 01 Dec 2022 13:17:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 160d16cab4f56d84c998b4ccbfbe8e37 Sha1: a461fcfdf87cb93c49e5a9589259ba2801360358 Sha256: c04fed7a71c250e0c13b267c33ea8f2679e42981a8cdbfd2ac415cb705acfd14
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2873 Expires: Thu, 01 Dec 2022 14:05:52 GMT Date: Thu, 01 Dec 2022 13:17:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7052d0be50b317ffa10af2cbb0bde662 Sha1: 0e15905e727c5e948a31d4e8a5f26a0572793be9 Sha256: 6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 01 Dec 2022 13:11:15 GMT cache-control: public,max-age=3600 age: 404 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6355 Cache-Control: 'max-age=158059' Date: Thu, 01 Dec 2022 13:17:59 GMT Last-Modified: Thu, 01 Dec 2022 11:32:04 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1f88399f3fdd89dbb9ca1229cb67143a Sha1: 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 14.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b305d8e09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 255 Md5: 766cb7f3ba58dafee34a3028bf58374e Sha1: e81bd3c2341a2b69f88e26a535e39770538c9823 Sha256: 5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://13.rokedon.com/ Origin: https://13.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://13.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: U7FbzYkhhbaCN+n4slR4lA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.41.253.170 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: hw5M11KOOeFUb3NNaGSzlmiymgU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b327fd309b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://13.rokedon.com/ Content-Type: application/json Origin: https://13.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 2c3a551e78f52635170b03ad74fee8b9 access-control-allow-origin: https://13.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 48ce5da40d18cb3b13767e8bcffcac10 Sha1: 35ef533bccbb21802444b592a77c466a23b539c9 Sha256: 60b3a951b6d5af88130911a834af5a0f52b99b71bf91804baa84f7f5faaa6811
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://14.rokedon.com/ Origin: https://14.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://14.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 Connection: keep-alive	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2cf9d909b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12612 Md5: 453ec16daedd24cded61895bd8257815 Sha1: d38de75b6fd476d8ca471305f8ffb0d5605e3282 Sha256: 435a4aa318a991536d032ba24f3e3d245266395d9485ccfc38467f2c4ff63275
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://15.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://14.rokedon.com/ Content-Type: application/json Origin: https://14.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 3f31af429fa1ef300325a57d3209c737 access-control-allow-origin: https://14.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: b77c8d0d545058d4b6e6c415bf172e3c Sha1: 0affb7fb740b6690b1c3cf39b4163ef4c9b86159 Sha256: 658734d4c80dc8461cc94797bd7ca73c6ecd586facd7dbeed32f1025551101c2
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://15.rokedon.com/ Origin: https://15.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://15.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://15.rokedon.com/ Content-Type: application/json Origin: https://15.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 13c39efeb151f675b5d4905a125defd5 access-control-allow-origin: https://15.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: b561f5d1d13e55ae576db61f06de6c8d Sha1: 62cfd7ac5bdca1c90681a66f740ce836f62caa7b Sha256: 25e06a4505603f79683314961781996b174028c5f411b13de4eafd4d9118452f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 15.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b323f8e09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 38197 Md5: 37ec165fb9631afbb914538f6f65b427 Sha1: 8eed73b7d8a6f9da6d4de400a8dae2a302096eb2 Sha256: 8fa413d0abf5b1a7c26312e5a4e667a9de08d19906c64f1c3c648585a61698b6
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://16.rokedon.com/ Origin: https://16.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://16.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://16.rokedon.com/ Content-Type: application/json Origin: https://16.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 151c0969cd4a544b9c5f9aed8bc5c01e access-control-allow-origin: https://16.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: ea274b9d6d04e91fe60049338eb40701 Sha1: 986c233cff91d539986f0450ca7f6e43cc3d8ee9 Sha256: 6595239d227a712f367370a91519fc62e98685507d9e320386343fc147bf8725
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://17.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 19.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 5006 cf-ray: 772c1b365c4f09b3-ARN accept-ranges: bytes age: 17311 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://17.rokedon.com/ Origin: https://17.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://17.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b350abe09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 255 Md5: 766cb7f3ba58dafee34a3028bf58374e Sha1: e81bd3c2341a2b69f88e26a535e39770538c9823 Sha256: 5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://15.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b33087609b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12203 Md5: 8e6cf812b764d632505d55544b3ac155 Sha1: df8767ae0e6b74750ac6c929c5a343d52c288f85 Sha256: 6419e1dfd51ce02a8652034ef84256e796a6d0340e8b5575fa230aec51ad291e
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b395f9e09b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 21.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b387eb709b3-ARN age: 16248 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 23.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://23.rokedon.com/l/PA/12/?resubscription=77&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 5006 cf-ray: 772c1b39f82109b3-ARN accept-ranges: bytes age: 16247 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12445 Expires: Thu, 01 Dec 2022 16:45:26 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9caeefc49be26de4b50c14df1aace81f Sha1: ef836496e49f843f0e4c2dc991c314aad13f0f2e Sha256: 83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://18.rokedon.com/ Origin: https://18.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://18.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://19.rokedon.com/ Origin: https://19.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://19.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3ab8f709b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 22.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://21.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b388ecb09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12612 Md5: 9af6ff8f873b0833d0afd8051ee708f2 Sha1: ff8f19d695e582fd0be0239d07fb00213eac37f8 Sha256: 82cd47fd4cda6a023fe295adf99db83105c87869699ab0c7bee939809f5d88e5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9674 x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEoHVAoAMFvAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:57 GMT age: 55504 etag: "53650399f9a986ba54addd668b4557109d12003b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9674 Md5: 5508d05a290b663fd89ead9b58f2efd8 Sha1: 53650399f9a986ba54addd668b4557109d12003b Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cb1_hEJJIAMF4Vg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 22:43:35 GMT age: 52466 etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4762 x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP7TVG58oAMFQTw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 05:45:16 GMT age: 27165 etag: "fa2217bae05b7beca2e12597eaad835298276b82" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4762 Md5: d2dd5a4bcfd47db8f38544bf39ce3031 Sha1: fa2217bae05b7beca2e12597eaad835298276b82 Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://22.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50840 Md5: 03b61fe3ff9de69cb1dbfb1b2da9cc89 Sha1: 2f1523588170176d236553396bc9a6c037ecc28c Sha256: 6e9bcca82694d3a1e9ace79c92cc233f5fd6bf7578a0eb46e936a1273b6b2de0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16038 x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz80EHboAMFtmQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:00 GMT age: 55561 etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16038 Md5: ffd12f9c423ffc627d9e3b3145944fe4 Sha1: 5cf9a7a784952e1bb0cbe499104f1774b1269d08 Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8740 x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP7uyE9CoAMF6Xg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 18:58:06 GMT age: 65995 etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8740 Md5: 26d6dffbf400da4803a2e76e2a8ef2f8 Sha1: 2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8 Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://20.rokedon.com/ Origin: https://20.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://20.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://18.rokedon.com/ Origin: https://18.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://18.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://19.rokedon.com/ Origin: https://19.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://19.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://18.rokedon.com/ Content-Type: application/json Origin: https://18.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: 0859bbfc74305c8d87fb1241e61555bf access-control-allow-origin: https://18.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: bcb9d1eca6419422ba539c66fd05a98c Sha1: b5e8f55a97afaf253400ea6499a985771843496a Sha256: 54fbc4b7cb4998f4cd7600738b4ca4d7ab75fe6c9a7c0c86a2bf4a75ed199900
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://19.rokedon.com/ Content-Type: application/json Origin: https://19.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: f3af407e4111c4df250ad9bf1283f7da access-control-allow-origin: https://19.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 011bd25907070ea0b61bcb220b152e1f Sha1: e93c09c896ed1379e757bd4aceaaf8009649abf1 Sha256: 6260a8cf728c4dbafbed63e79446bdd69c0c9c5d50d88e8aac93014692bd1fbc
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://21.rokedon.com/ Origin: https://21.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://21.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://20.rokedon.com/ Origin: https://20.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://20.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 25.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3d3bc209b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 320 Md5: c5354edad3d150e78d4901c212fb0f48 Sha1: 2f7260d7685b0c78c79c8d929628c75b11f4770a Sha256: 0989496cb4c69a8c395db004700b51a9899f61abb3003750a6669eb0ec1bc1ac
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://20.rokedon.com/ Content-Type: application/json Origin: https://20.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: 93d27e94a5b1c2f2ef613cb26884471e access-control-allow-origin: https://20.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: db443786e7bd006b50abf21dff8a8894 Sha1: ad205a1cd3ab33f8180a8a36024419ab5afe2290 Sha256: 8f63f86fc97d71b62502b61f2f08fdca4a001795aa1e4bd7f305c5fec8fe30ed
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://21.rokedon.com/ Origin: https://21.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://21.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 25.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3c5ae509b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12203 Md5: 366c16f3a61ebe59c995b38d873f24b4 Sha1: 39e6ecc93638b62fe568963f3045e5f62e36b19a Sha256: 88f34153e864ebb5ec934148dfb55cff6a61f6a01de5cc2f74bb187d55718189
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://22.rokedon.com/ Origin: https://22.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://22.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 26.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3e2cbc09b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 348 Md5: 2c47053b4cb8ad99d7e1e37ad037bcbd Sha1: 1b5f3f93fcc190caeba9a4076a4d1ee18d951acc Sha256: e77f646f7c2a8df08a2ce62e7a2b9c5d814c5d66058e6025053cc19c8dc29c98
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://23.rokedon.com/ Origin: https://23.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://23.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://25.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 42948 Md5: 839e006c414d1f002fa62ddfcaaeb32f Sha1: a4f31d87b7df62fb00db9ff08a5d7ee3aa9b379b Sha256: edb0aaecedce0fe40d97fae2dd6d9c61faa0649d75baefaf6e757147a535daa6
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://23.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50116 Md5: e946fc519b70f24b260f753a83d34ea0 Sha1: e1048054998463308417b09da05f9a8c3a6d10f9 Sha256: 7209a4897cec1433736014f1537b4638fb1f202029df889e6424d553bf00680e
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 27.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b3f3dbe09b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://23.rokedon.com/ Content-Type: application/json Origin: https://23.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: 573478e7d548b66f06e0f5084bce69e9 access-control-allow-origin: https://23.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: a2a0d65136bffb861e95bebd54e42e80 Sha1: 06c5c2f774e4ddcf12ba4ba3406f9739a1da2438 Sha256: 4daed859a5bbe638cf93050f4db4ba27ce4ccb1c2ae3af64a2b9ea314af90bc7
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://26.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 37942 Md5: 498aa5b82891218a17839c0597ca0db9 Sha1: 187f8aa17b6dc83de7d16308df6cbdf0f15aae45 Sha256: 54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://24.rokedon.com/ Content-Type: application/json Origin: https://24.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: b9a4f8e39ae8127b9c56610ce90ff4e5 access-control-allow-origin: https://24.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 90cdf316c106c6e72f45e91f359741ca Sha1: e692f6befc60aaff0903bb9771eccfdca5efe41f Sha256: b2c166ce3fa169c69df0c37b223d73dd446919f62f0ae6509cf233c39c1f6c02
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://25.rokedon.com/ Origin: https://25.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://25.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://25.rokedon.com/ Origin: https://25.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 0 access-control-allow-origin: https://25.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://26.rokedon.com/ Origin: https://26.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://26.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://25.rokedon.com/ Content-Type: application/json Origin: https://25.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: e18cbb12048ae5ff3b4ee4949af058c2 access-control-allow-origin: https://25.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 4e0d82603cace776c4269368f1a1332b Sha1: fce496cf9b197659844d9431d6cac935ae4ab64d Sha256: 13fcd14e1510ea1244bb6b0fea84144e686b65acad90deead842930a1d2a53bc
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://28.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://27.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 37942 Md5: 498aa5b82891218a17839c0597ca0db9 Sha1: 187f8aa17b6dc83de7d16308df6cbdf0f15aae45 Sha256: 54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b4309e809b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 349 Md5: b27e979d7d515ee268ad542eab4fd706 Sha1: 0ece2b8f4577ff6e16e31ebbb99cdb42f60059f8 Sha256: 8dc05fb1005a6433683cb9e8a5e69de402bbfe9397d49ba273b61d842a183da7
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://29.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Origin: https://28.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://28.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Origin: https://27.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://27.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://30.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://27.rokedon.com/ Origin: https://27.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://27.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://29.rokedon.com/ Origin: https://29.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://29.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://28.rokedon.com/ Origin: https://28.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://28.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Content-Type: application/json Origin: https://27.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: f655add77a204e3f29bdfa6cbe5cc8ab access-control-allow-origin: https://27.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: cf38ea26ac5fc79101bec8a99e1d994f Sha1: e00bc1a51425de29c7661ab5d34f5d3ef1bd7616 Sha256: 41117093ac0e0ee044af7c6fd34bca15c278f9fa3e293a491b7a18c3987fda0e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8074 Expires: Thu, 01 Dec 2022 15:32:37 GMT Date: Thu, 01 Dec 2022 13:18:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5bd7cc049c5c691a84e8a11ce3ab8ae0 Sha1: 861ae3a2e77806761d1ab78c09f1297124cb6b1f Sha256: f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://29.rokedon.com/ Content-Type: application/json Origin: https://29.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 06b993fdb7cdde69115a1a173cc67470 access-control-allow-origin: https://29.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 5d14b241fa2ed78abe1a0fb820c33d8c Sha1: 69edbefe4fc5b0fa160b052e7fa1c81574f4efcb Sha256: 97d39969b1398bd7ccc1c16d1b937a08e34d07f840ff52946281815116443ce1
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Content-Type: application/json Origin: https://28.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 59b18e13ba7f5cac57b5e9e7db875287 access-control-allow-origin: https://28.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: f4bad3747779226fb7ced6fdbc389c84 Sha1: 56750f28d76ce5e4710c978949164cfc6fa73513 Sha256: a646df420d47c311b1622b1bc73d814b5a5e372a87e18f52413cdd3ebd3adee0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8011 Expires: Thu, 01 Dec 2022 15:31:34 GMT Date: Thu, 01 Dec 2022 13:18:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5bd7cc049c5c691a84e8a11ce3ab8ae0 Sha1: 861ae3a2e77806761d1ab78c09f1297124cb6b1f Sha256: f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 5006 cf-ray: 772c1b458c7809b3-ARN accept-ranges: bytes age: 16243 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/rnd.jpg HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/jpeg date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 60612 cf-ray: 772c1b458c8309b3-ARN accept-ranges: bytes age: 16243 etag: "l/PA/12/rnd.913476f985.jpg" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data Size: 60612 Md5: 267ebadd2b686bdc1f52a5f502e8c093 Sha1: ca9892a0b64fb44d9d779c9d34244b7641e89473 Sha256: 891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b456c5d09b3-ARN age: 16242 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 28.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b46ae2809b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Origin: https://30.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 65 access-control-allow-origin: https://30.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b48882109b3-ARN age: 16244 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://21.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50305 Md5: dbe75599ebf13b2bcd133874d3751af2 Sha1: b5b1d52b27dda069707b18a635c502388f1a5e20 Sha256: 5c5eee202b273ae483f4df0b01dc4e725a4d0f2db502298cc2b395ff547967c0
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 65 access-control-allow-origin: https://31.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	139.45.197.251 HTTP/2 200 OK server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 x-trace-id: 41c45f72c9a628f8e42ff610cdb8f568 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Blocklists: - fortinet: Malware
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 693 x-trace-id: 38c51b9de7b6635689101629f769e018 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (692) Size: 693 Md5: da5f93dde67263d753ca7508e89e4048 Sha1: 7c3a89017cde2422b1f840bb2e67bddc26d7d98c Sha256: f7242fa92beb69973bd122ad7c91becd07738a1a8a7f2678d2af829797e26e18
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://30.rokedon.com/ Origin: https://30.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://30.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Content-Type: application/json Origin: https://30.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: bba17205f05407689cde1fca669e742d access-control-allow-origin: https://30.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 2e6bba82508cd4a972c25cb070ac03c7 Sha1: f07bfcdabb4d1f6a2fff43e332f35a8ec0eac289 Sha256: ae339a8b8935bd8138179914f838dec80f63307105f43400a48ef6fef007ed03
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 30.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b49d9b109b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Content-Type: application/json Origin: https://31.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 4b267125d0e125994e8f8cbcbb6be295 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: cde1e83f7444fc28cc802abdb1eb910c Sha1: e8d6e7cb705bb0cf4a4263450dbb1adc7660d789 Sha256: 5a5b963704ddcce518d1dc066addccd5cf95da3df5dddcf22c327ed669197646
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:04 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:04 GMT cf-ray: 772c1b4b4ba209b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2e6b2909b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 18.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://17.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b352aec09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://20.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 22.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b393f7609b3-ARN age: 16248 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b450bfa09b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 32.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Referer: https://31.rokedon.com/ Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b461d8809b3-ARN age: 7847 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=85&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 15.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://14.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b313e8309b3-ARN age: 11159 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 18.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b35dbba09b3-ARN age: 17312 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=83&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://16.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b3459db09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 19.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://18.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b35fbda09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=71&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b4238f809b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 14.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://13.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2f0c1509b3-ARN age: 11159 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b3388eb09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 26.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://25.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3d8c0c09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=80&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 20.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b36dcbe09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 30.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://29.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b439a7409b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /favicon.ico HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/vnd.microsoft.icon date: Thu, 01 Dec 2022 13:18:03 GMT etag: W/"favicon.ff38969f14.ico" cf-cache-status: MISS vary: Accept-Encoding server: cloudflare cf-ray: 772c1b459c9b09b3-ARN content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://18.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 20.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b378da209b3-ARN age: 17310 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 23.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3a184809b3-ARN age: 16247 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=72&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 28.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b406f1b09b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

                                        
                                            GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 13.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                        
                                             104.22.77.191

                                            
                                                HTTP/1.1 301 Moved Permanently

                                            

                                            
                                                
Date: Thu, 01 Dec 2022 13:17:58 GMT 

                                            
                                                
Transfer-Encoding: chunked 

                                            
                                                
Connection: keep-alive 

                                            
                                                
Cache-Control: max-age=3600 

                                            
                                                
Expires: Thu, 01 Dec 2022 14:17:58 GMT 

                                            
                                                
Location: https://13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} 

                                            
                                                
Vary: Accept-Encoding 

                                            
                                                
Server: cloudflare 

                                            
                                                
CF-RAY: 772c1b290d1009b4-ARN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             93.184.220.29

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
Age: 6362 

                                            
                                                
Cache-Control: max-age=169156 

                                            
                                                
Date: Thu, 01 Dec 2022 13:17:58 GMT 

                                            
                                                
Etag: "63888270-1d7" 

                                            
                                                
Expires: Sat, 03 Dec 2022 12:17:14 GMT 

                                            
                                                
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT 

                                            
                                                
Server: ECS (ska/F70A) 

                                            
                                                
X-Cache: HIT 

                                            
                                                
Content-Length: 471 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   471

                                                Md5:    0c748388899e8a8d3680355da2ea5020

                                                Sha1:   903c620cd137613daafb0da0508c37b2f4a67212

                                                Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type 

                                            
                                                
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
content-length: 939 

                                            
                                                
via: 1.1 google 

                                            
                                                
date: Thu, 01 Dec 2022 12:18:08 GMT 

                                            
                                                
cache-control: public,max-age=3600 

                                            
                                                
age: 3590 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:17:58 GMT 

                                            
                                                
content-length: 12 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
via: 1.1 google 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.33.119.27

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C" 

                                            
                                                
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2873 

                                            
                                                
Expires: Thu, 01 Dec 2022 14:05:52 GMT 

                                            
                                                
Date: Thu, 01 Dec 2022 13:17:59 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    7052d0be50b317ffa10af2cbb0bde662

                                                Sha1:   0e15905e727c5e948a31d4e8a5f26a0572793be9

                                                Sha256: 6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             93.184.220.29

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Accept-Ranges: bytes 

                                            
                                                
Age: 6355 

                                            
                                                
Cache-Control: 'max-age=158059' 

                                            
                                                
Date: Thu, 01 Dec 2022 13:17:59 GMT 

                                            
                                                
Last-Modified: Thu, 01 Dec 2022 11:32:04 GMT 

                                            
                                                
Server: ECS (ska/F70A) 

                                            
                                                
X-Cache: HIT 

                                            
                                                
Content-Length: 471 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   471

                                                Md5:    1f88399f3fdd89dbb9ca1229cb67143a

                                                Sha1:   325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3

                                                Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://13.rokedon.com/ 

                                        
                                            
Origin: https://13.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://13.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 13.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 304 Not Modified 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b327fd309b3-ARN 

                                            
                                                
age: 18318 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: REVALIDATED 

                                            
                                                
server: cloudflare 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://14.rokedon.com/ 

                                        
                                            
Origin: https://14.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://14.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://15.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://15.rokedon.com/ 

                                        
                                            
Origin: https://15.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://15.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://15.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://15.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: 13c39efeb151f675b5d4905a125defd5 

                                            
                                                
access-control-allow-origin: https://15.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    b561f5d1d13e55ae576db61f06de6c8d

                                                Sha1:   62cfd7ac5bdca1c90681a66f740ce836f62caa7b

                                                Sha256: 25e06a4505603f79683314961781996b174028c5f411b13de4eafd4d9118452f

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 15.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b323f8e09b3-ARN 

                                            
                                                
age: 18317 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (554)

                                                Size:   38197

                                                Md5:    37ec165fb9631afbb914538f6f65b427

                                                Sha1:   8eed73b7d8a6f9da6d4de400a8dae2a302096eb2

                                                Sha256: 8fa413d0abf5b1a7c26312e5a4e667a9de08d19906c64f1c3c648585a61698b6

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://16.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://16.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: 151c0969cd4a544b9c5f9aed8bc5c01e 

                                            
                                                
access-control-allow-origin: https://16.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    ea274b9d6d04e91fe60049338eb40701

                                                Sha1:   986c233cff91d539986f0450ca7f6e43cc3d8ee9

                                                Sha256: 6595239d227a712f367370a91519fc62e98685507d9e320386343fc147bf8725

                                        
                                            GET /l/PA/12/skip-button.webp HTTP/1.1 

                                        
                                            
Host: 19.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/webp

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
content-length: 5006 

                                            
                                                
cf-ray: 772c1b365c4f09b3-ARN 

                                            
                                                
accept-ranges: bytes 

                                            
                                                
age: 17311 

                                            
                                                
etag: "l/PA/12/skip-button.31c9ae67f7.webp" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data

                                                Size:   5006

                                                Md5:    da2dc41d023f4fcc89675351f9117c3d

                                                Sha1:   bff287be312236d01df91ec7db9a58c4bde224f4

                                                Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 16.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://15.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
Connection: keep-alive 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b33087609b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators

                                                Size:   12203

                                                Md5:    8e6cf812b764d632505d55544b3ac155

                                                Sha1:   df8767ae0e6b74750ac6c929c5a343d52c288f85

                                                Sha256: 6419e1dfd51ce02a8652034ef84256e796a6d0340e8b5575fa230aec51ad291e

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 21.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b387eb709b3-ARN 

                                            
                                                
age: 16248 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (554)

                                                Size:   254

                                                Md5:    7d2d8d659c117ab107695ef968149e83

                                                Sha1:   25f1f7fdef89ccd7205fd49c4a303012d3f00a78

                                                Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.33.119.27

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0" 

                                            
                                                
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=12445 

                                            
                                                
Expires: Thu, 01 Dec 2022 16:45:26 GMT 

                                            
                                                
Date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    9caeefc49be26de4b50c14df1aace81f

                                                Sha1:   ef836496e49f843f0e4c2dc991c314aad13f0f2e

                                                Sha256: 83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://19.rokedon.com/ 

                                        
                                            
Origin: https://19.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://19.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 17.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 304 Not Modified 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b3ab8f709b3-ARN 

                                            
                                                
age: 18318 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: REVALIDATED 

                                            
                                                
server: cloudflare 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.33.119.27

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                            
                                                
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=12968 

                                            
                                                
Expires: Thu, 01 Dec 2022 16:54:09 GMT 

                                            
                                                
Date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            GET /l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 22.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://21.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b388ecb09b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators

                                                Size:   12612

                                                Md5:    9af6ff8f873b0833d0afd8051ee708f2

                                                Sha1:   ff8f19d695e582fd0be0239d07fb00213eac37f8

                                                Sha256: 82cd47fd4cda6a023fe295adf99db83105c87869699ab0c7bee939809f5d88e5

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 9674 

                                            
                                                
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cYgEoHVAoAMFvAQ= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ== 

                                            
                                                
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Wed, 30 Nov 2022 21:52:57 GMT 

                                            
                                                
age: 55504 

                                            
                                                
etag: "53650399f9a986ba54addd668b4557109d12003b" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9674

                                                Md5:    5508d05a290b663fd89ead9b58f2efd8

                                                Sha1:   53650399f9a986ba54addd668b4557109d12003b

                                                Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 4762 

                                            
                                                
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cP7TVG58oAMFQTw= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT 

                                            
                                                
x-amz-cf-pop: SEA19-C2 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ== 

                                            
                                                
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Thu, 01 Dec 2022 05:45:16 GMT 

                                            
                                                
age: 27165 

                                            
                                                
etag: "fa2217bae05b7beca2e12597eaad835298276b82" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4762

                                                Md5:    d2dd5a4bcfd47db8f38544bf39ce3031

                                                Sha1:   fa2217bae05b7beca2e12597eaad835298276b82

                                                Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 16038 

                                            
                                                
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: cbz80EHboAMFtmQ= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg== 

                                            
                                                
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Wed, 30 Nov 2022 21:52:00 GMT 

                                            
                                                
age: 55561 

                                            
                                                
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   16038

                                                Md5:    ffd12f9c423ffc627d9e3b3145944fe4

                                                Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08

                                                Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://20.rokedon.com/ 

                                        
                                            
Origin: https://20.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://20.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://19.rokedon.com/ 

                                        
                                            
Origin: https://19.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://19.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://19.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://19.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: f3af407e4111c4df250ad9bf1283f7da 

                                            
                                                
access-control-allow-origin: https://19.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    011bd25907070ea0b61bcb220b152e1f

                                                Sha1:   e93c09c896ed1379e757bd4aceaaf8009649abf1

                                                Sha256: 6260a8cf728c4dbafbed63e79446bdd69c0c9c5d50d88e8aac93014692bd1fbc

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://20.rokedon.com/ 

                                        
                                            
Origin: https://20.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://20.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://20.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://20.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: 93d27e94a5b1c2f2ef613cb26884471e 

                                            
                                                
access-control-allow-origin: https://20.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    db443786e7bd006b50abf21dff8a8894

                                                Sha1:   ad205a1cd3ab33f8180a8a36024419ab5afe2290

                                                Sha256: 8f63f86fc97d71b62502b61f2f08fdca4a001795aa1e4bd7f305c5fec8fe30ed

                                        
                                            GET /l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 25.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://24.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b3c5ae509b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators

                                                Size:   12203

                                                Md5:    366c16f3a61ebe59c995b38d873f24b4

                                                Sha1:   39e6ecc93638b62fe568963f3045e5f62e36b19a

                                                Sha256: 88f34153e864ebb5ec934148dfb55cff6a61f6a01de5cc2f74bb187d55718189

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 26.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b3e2cbc09b3-ARN 

                                            
                                                
age: 16245 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (554)

                                                Size:   348

                                                Md5:    2c47053b4cb8ad99d7e1e37ad037bcbd

                                                Sha1:   1b5f3f93fcc190caeba9a4076a4d1ee18d951acc

                                                Sha256: e77f646f7c2a8df08a2ce62e7a2b9c5d814c5d66058e6025053cc19c8dc29c98

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://25.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: W/"63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
content-encoding: gzip 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   42948

                                                Md5:    839e006c414d1f002fa62ddfcaaeb32f

                                                Sha1:   a4f31d87b7df62fb00db9ff08a5d7ee3aa9b379b

                                                Sha256: edb0aaecedce0fe40d97fae2dd6d9c61faa0649d75baefaf6e757147a535daa6

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 27.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
cf-ray: 772c1b3f3dbe09b3-ARN 

                                            
                                                
age: 16245 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (554)

                                                Size:   254

                                                Md5:    7d2d8d659c117ab107695ef968149e83

                                                Sha1:   25f1f7fdef89ccd7205fd49c4a303012d3f00a78

                                                Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://26.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: W/"63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
content-encoding: gzip 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (65536), with no line terminators

                                                Size:   37942

                                                Md5:    498aa5b82891218a17839c0597ca0db9

                                                Sha1:   187f8aa17b6dc83de7d16308df6cbdf0f15aae45

                                                Sha256: 54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://25.rokedon.com/ 

                                        
                                            
Origin: https://25.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://25.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://26.rokedon.com/ 

                                        
                                            
Origin: https://26.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://26.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://28.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 29.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
cf-ray: 772c1b4309e809b3-ARN 

                                            
                                                
age: 16243 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  ASCII text, with very long lines (554)

                                                Size:   349

                                                Md5:    b27e979d7d515ee268ad542eab4fd706

                                                Sha1:   0ece2b8f4577ff6e16e31ebbb99cdb42f60059f8

                                                Sha256: 8dc05fb1005a6433683cb9e8a5e69de402bbfe9397d49ba273b61d842a183da7

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://28.rokedon.com/ 

                                        
                                            
Origin: https://28.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://28.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://30.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            OPTIONS /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: https://29.rokedon.com/ 

                                        
                                            
Origin: https://29.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/plain; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
access-control-allow-origin: https://29.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-methods: GET, POST, OPTIONS 

                                            
                                                
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token 

                                            
                                                
access-control-max-age: 86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://27.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://27.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: f655add77a204e3f29bdfa6cbe5cc8ab 

                                            
                                                
access-control-allow-origin: https://27.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    cf38ea26ac5fc79101bec8a99e1d994f

                                                Sha1:   e00bc1a51425de29c7661ab5d34f5d3ef1bd7616

                                                Sha256: 41117093ac0e0ee044af7c6fd34bca15c278f9fa3e293a491b7a18c3987fda0e

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://29.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://29.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: 06b993fdb7cdde69115a1a173cc67470 

                                            
                                                
access-control-allow-origin: https://29.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    5d14b241fa2ed78abe1a0fb820c33d8c

                                                Sha1:   69edbefe4fc5b0fa160b052e7fa1c81574f4efcb

                                                Sha256: 97d39969b1398bd7ccc1c16d1b937a08e34d07f840ff52946281815116443ce1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.33.119.27

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988" 

                                            
                                                
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=8011 

                                            
                                                
Expires: Thu, 01 Dec 2022 15:31:34 GMT 

                                            
                                                
Date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    5bd7cc049c5c691a84e8a11ce3ab8ae0

                                                Sha1:   861ae3a2e77806761d1ab78c09f1297124cb6b1f

                                                Sha256: f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988

                                        
                                            GET /l/PA/12/rnd.jpg HTTP/1.1 

                                        
                                            
Host: 31.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} 

                                        
                                            
Connection: keep-alive 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 60612 

                                            
                                                
cf-ray: 772c1b458c8309b3-ARN 

                                            
                                                
accept-ranges: bytes 

                                            
                                                
age: 16243 

                                            
                                                
etag: "l/PA/12/rnd.913476f985.jpg" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data

                                                Size:   60612

                                                Md5:    267ebadd2b686bdc1f52a5f502e8c093

                                                Sha1:   ca9892a0b64fb44d9d779c9d34244b7641e89473

                                                Sha256: 891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://30.rokedon.com/ 

                                        
                                            
Origin: https://30.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=5315a201a09a4d478359bb0aba00cdba 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.195.8

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 65 

                                            
                                                
access-control-allow-origin: https://30.rokedon.com 

                                            
                                                
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                            
                                                
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                            
                                                
access-control-expose-headers: Authorization 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
timing-allow-origin: *, * 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   65

                                                Md5:    badfaf98017c08b07960e5639595aae6

                                                Sha1:   27b5841a4fa159f0e92ee3842509938ed33d5d11

                                                Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://21.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: W/"63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
content-encoding: gzip 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   50305

                                                Md5:    dbe75599ebf13b2bcd133874d3751af2

                                                Sha1:   b5b1d52b27dda069707b18a635c502388f1a5e20

                                                Sha256: 5c5eee202b273ae483f4df0b01dc4e725a4d0f2db502298cc2b395ff547967c0

                                        
                                            GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1 

                                        
                                            
Host: choupsee.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://31.rokedon.com/ 

                                        
                                            
Origin: https://31.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 0 

                                            
                                                
x-trace-id: 41c45f72c9a628f8e42ff610cdb8f568 

                                            
                                                
access-control-allow-origin: https://31.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings HTTP/1.1 

                                        
                                            
Host: choupsee.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://31.rokedon.com/ 

                                        
                                            
Origin: https://31.rokedon.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 693 

                                            
                                                
x-trace-id: 38c51b9de7b6635689101629f769e018 

                                            
                                                
access-control-allow-origin: https://31.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with very long lines (692)

                                                Size:   693

                                                Md5:    da5f93dde67263d753ca7508e89e4048

                                                Sha1:   7c3a89017cde2422b1f840bb2e67bddc26d7d98c

                                                Sha256: f7242fa92beb69973bd122ad7c91becd07738a1a8a7f2678d2af829797e26e18

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://30.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://30.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: bba17205f05407689cde1fca669e742d 

                                            
                                                
access-control-allow-origin: https://30.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    2e6bba82508cd4a972c25cb070ac03c7

                                                Sha1:   f07bfcdabb4d1f6a2fff43e332f35a8ec0eac289

                                                Sha256: ae339a8b8935bd8138179914f838dec80f63307105f43400a48ef6fef007ed03

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT 

                                        
                                            
If-None-Match: W/"63887d09-1c6f2" 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 304 Not Modified

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: "63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /event HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://31.rokedon.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: https://31.rokedon.com 

                                        
                                            
Content-Length: 385 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
content-length: 94 

                                            
                                                
x-trace-id: 4b267125d0e125994e8f8cbcbb6be295 

                                            
                                                
access-control-allow-origin: https://31.rokedon.com 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=1 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text

                                                Size:   94

                                                Md5:    cde1e83f7444fc28cc802abdb1eb910c

                                                Sha1:   e8d6e7cb705bb0cf4a4263450dbb1adc7660d789

                                                Sha256: 5a5b963704ddcce518d1dc066addccd5cf95da3df5dddcf22c327ed669197646

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 31.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 304 Not Modified 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:04 GMT 

                                            
                                                
cf-ray: 772c1b4b4ba209b3-ARN 

                                            
                                                
age: 16243 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: REVALIDATED 

                                            
                                                
server: cloudflare 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 18.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://17.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b352aec09b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 22.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b393f7609b3-ARN 

                                            
                                                
age: 16248 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 32.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Moz: prefetch 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
Referer: https://31.rokedon.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:03 GMT 

                                            
                                                
cf-ray: 772c1b461d8809b3-ARN 

                                            
                                                
age: 7847 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 18.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b35dbba09b3-ARN 

                                            
                                                
age: 17312 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 19.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://18.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
cf-ray: 772c1b35fbda09b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://24.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: W/"63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
content-encoding: gzip 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 14.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://13.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
Connection: keep-alive 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:17:59 GMT 

                                            
                                                
cf-ray: 772c1b2f0c1509b3-ARN 

                                            
                                                
age: 11159 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 26.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://25.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b3d8c0c09b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 

                                        
                                            
Host: 30.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://29.rokedon.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
Connection: keep-alive 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:02 GMT 

                                            
                                                
cf-ray: 772c1b439a7409b3-ARN 

                                            
                                                
age: 11160 

                                            
                                                
etag: W/"l/PA/12/index.f25875168a.html" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 

                                        
                                            
Host: foapsovi.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://18.rokedon.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             139.45.197.251

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Thu, 01 Dec 2022 13:18:00 GMT 

                                            
                                                
last-modified: Thu, 01 Dec 2022 10:08:09 GMT 

                                            
                                                
etag: W/"63887d09-1c6f2" 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
cache-control: no-cache 

                                            
                                                
pragma: no-cache 

                                            
                                                
content-encoding: gzip 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 

                                        
                                            
Host: 23.rokedon.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                        
                                             104.22.76.191

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/javascript; charset=utf-8

                                            

                                            
                                                
date: Thu, 01 Dec 2022 13:18:01 GMT 

                                            
                                                
cf-ray: 772c1b3a184809b3-ARN 

                                            
                                                
age: 16247 

                                            
                                                
etag: W/"sw-check-permissions-4789821.3caffe478a.js" 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
cf-cache-status: HIT 

                                            
                                                
server: cloudflare 

                                            
                                                
content-encoding: br 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

URL	13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP	104.22.76.191 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2022-12-01 13:18:09 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	104.22.77.191 HTTP/1.1 301 Moved Permanently Date: Thu, 01 Dec 2022 13:17:58 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 01 Dec 2022 14:17:58 GMT Location: https://13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Vary: Accept-Encoding Server: cloudflare CF-RAY: 772c1b290d1009b4-ARN --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3021 Expires: Thu, 01 Dec 2022 14:08:19 GMT Date: Thu, 01 Dec 2022 13:17:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6362 Cache-Control: max-age=169156 Date: Thu, 01 Dec 2022 13:17:58 GMT Etag: "63888270-1d7" Expires: Sat, 03 Dec 2022 12:17:14 GMT Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 0c748388899e8a8d3680355da2ea5020 Sha1: 903c620cd137613daafb0da0508c37b2f4a67212 Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4915 Expires: Thu, 01 Dec 2022 14:39:53 GMT Date: Thu, 01 Dec 2022 13:17:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 01 Dec 2022 12:18:08 GMT cache-control: public,max-age=3600 age: 3590 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0= x-amz-request-id: Y36S7XDSBJA91GJ4 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 01 Dec 2022 12:45:40 GMT age: 1938 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 13:17:58 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "C04FED7A71C250E0C13B267C33EA8F2679E42981A8CDBFD2AC415CB705ACFD14" Last-Modified: Thu, 01 Dec 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21472 Expires: Thu, 01 Dec 2022 19:15:51 GMT Date: Thu, 01 Dec 2022 13:17:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 160d16cab4f56d84c998b4ccbfbe8e37 Sha1: a461fcfdf87cb93c49e5a9589259ba2801360358 Sha256: c04fed7a71c250e0c13b267c33ea8f2679e42981a8cdbfd2ac415cb705acfd14
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2873 Expires: Thu, 01 Dec 2022 14:05:52 GMT Date: Thu, 01 Dec 2022 13:17:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7052d0be50b317ffa10af2cbb0bde662 Sha1: 0e15905e727c5e948a31d4e8a5f26a0572793be9 Sha256: 6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 01 Dec 2022 13:11:15 GMT cache-control: public,max-age=3600 age: 404 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6355 Cache-Control: 'max-age=158059' Date: Thu, 01 Dec 2022 13:17:59 GMT Last-Modified: Thu, 01 Dec 2022 11:32:04 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1f88399f3fdd89dbb9ca1229cb67143a Sha1: 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 14.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b305d8e09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 255 Md5: 766cb7f3ba58dafee34a3028bf58374e Sha1: e81bd3c2341a2b69f88e26a535e39770538c9823 Sha256: 5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://13.rokedon.com/ Origin: https://13.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://13.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: U7FbzYkhhbaCN+n4slR4lA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.41.253.170 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: hw5M11KOOeFUb3NNaGSzlmiymgU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b327fd309b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://13.rokedon.com/ Content-Type: application/json Origin: https://13.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 2c3a551e78f52635170b03ad74fee8b9 access-control-allow-origin: https://13.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 48ce5da40d18cb3b13767e8bcffcac10 Sha1: 35ef533bccbb21802444b592a77c466a23b539c9 Sha256: 60b3a951b6d5af88130911a834af5a0f52b99b71bf91804baa84f7f5faaa6811
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://14.rokedon.com/ Origin: https://14.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://14.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 Connection: keep-alive	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2cf9d909b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12612 Md5: 453ec16daedd24cded61895bd8257815 Sha1: d38de75b6fd476d8ca471305f8ffb0d5605e3282 Sha256: 435a4aa318a991536d032ba24f3e3d245266395d9485ccfc38467f2c4ff63275
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://15.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://14.rokedon.com/ Content-Type: application/json Origin: https://14.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 3f31af429fa1ef300325a57d3209c737 access-control-allow-origin: https://14.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: b77c8d0d545058d4b6e6c415bf172e3c Sha1: 0affb7fb740b6690b1c3cf39b4163ef4c9b86159 Sha256: 658734d4c80dc8461cc94797bd7ca73c6ecd586facd7dbeed32f1025551101c2
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://15.rokedon.com/ Origin: https://15.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://15.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://15.rokedon.com/ Content-Type: application/json Origin: https://15.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 13c39efeb151f675b5d4905a125defd5 access-control-allow-origin: https://15.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: b561f5d1d13e55ae576db61f06de6c8d Sha1: 62cfd7ac5bdca1c90681a66f740ce836f62caa7b Sha256: 25e06a4505603f79683314961781996b174028c5f411b13de4eafd4d9118452f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 15.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b323f8e09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 38197 Md5: 37ec165fb9631afbb914538f6f65b427 Sha1: 8eed73b7d8a6f9da6d4de400a8dae2a302096eb2 Sha256: 8fa413d0abf5b1a7c26312e5a4e667a9de08d19906c64f1c3c648585a61698b6
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://16.rokedon.com/ Origin: https://16.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://16.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://16.rokedon.com/ Content-Type: application/json Origin: https://16.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 94 x-trace-id: 151c0969cd4a544b9c5f9aed8bc5c01e access-control-allow-origin: https://16.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: ea274b9d6d04e91fe60049338eb40701 Sha1: 986c233cff91d539986f0450ca7f6e43cc3d8ee9 Sha256: 6595239d227a712f367370a91519fc62e98685507d9e320386343fc147bf8725
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://17.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 19.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 5006 cf-ray: 772c1b365c4f09b3-ARN accept-ranges: bytes age: 17311 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://17.rokedon.com/ Origin: https://17.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT content-length: 0 access-control-allow-origin: https://17.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b350abe09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 255 Md5: 766cb7f3ba58dafee34a3028bf58374e Sha1: e81bd3c2341a2b69f88e26a535e39770538c9823 Sha256: 5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://15.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b33087609b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12203 Md5: 8e6cf812b764d632505d55544b3ac155 Sha1: df8767ae0e6b74750ac6c929c5a343d52c288f85 Sha256: 6419e1dfd51ce02a8652034ef84256e796a6d0340e8b5575fa230aec51ad291e
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b395f9e09b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 21.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b387eb709b3-ARN age: 16248 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 23.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://23.rokedon.com/l/PA/12/?resubscription=77&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 5006 cf-ray: 772c1b39f82109b3-ARN accept-ranges: bytes age: 16247 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12445 Expires: Thu, 01 Dec 2022 16:45:26 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9caeefc49be26de4b50c14df1aace81f Sha1: ef836496e49f843f0e4c2dc991c314aad13f0f2e Sha256: 83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://18.rokedon.com/ Origin: https://18.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://18.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://19.rokedon.com/ Origin: https://19.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://19.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3ab8f709b3-ARN age: 18318 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 22.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://21.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b388ecb09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12612 Md5: 9af6ff8f873b0833d0afd8051ee708f2 Sha1: ff8f19d695e582fd0be0239d07fb00213eac37f8 Sha256: 82cd47fd4cda6a023fe295adf99db83105c87869699ab0c7bee939809f5d88e5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12968 Expires: Thu, 01 Dec 2022 16:54:09 GMT Date: Thu, 01 Dec 2022 13:18:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9674 x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cYgEoHVAoAMFvAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:57 GMT age: 55504 etag: "53650399f9a986ba54addd668b4557109d12003b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9674 Md5: 5508d05a290b663fd89ead9b58f2efd8 Sha1: 53650399f9a986ba54addd668b4557109d12003b Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cb1_hEJJIAMF4Vg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 22:43:35 GMT age: 52466 etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4762 x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP7TVG58oAMFQTw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 05:45:16 GMT age: 27165 etag: "fa2217bae05b7beca2e12597eaad835298276b82" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4762 Md5: d2dd5a4bcfd47db8f38544bf39ce3031 Sha1: fa2217bae05b7beca2e12597eaad835298276b82 Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://22.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50840 Md5: 03b61fe3ff9de69cb1dbfb1b2da9cc89 Sha1: 2f1523588170176d236553396bc9a6c037ecc28c Sha256: 6e9bcca82694d3a1e9ace79c92cc233f5fd6bf7578a0eb46e936a1273b6b2de0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16038 x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz80EHboAMFtmQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:00 GMT age: 55561 etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16038 Md5: ffd12f9c423ffc627d9e3b3145944fe4 Sha1: 5cf9a7a784952e1bb0cbe499104f1774b1269d08 Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8740 x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP7uyE9CoAMF6Xg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 18:58:06 GMT age: 65995 etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8740 Md5: 26d6dffbf400da4803a2e76e2a8ef2f8 Sha1: 2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8 Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://20.rokedon.com/ Origin: https://20.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://20.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://18.rokedon.com/ Origin: https://18.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://18.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://19.rokedon.com/ Origin: https://19.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://19.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://18.rokedon.com/ Content-Type: application/json Origin: https://18.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: 0859bbfc74305c8d87fb1241e61555bf access-control-allow-origin: https://18.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: bcb9d1eca6419422ba539c66fd05a98c Sha1: b5e8f55a97afaf253400ea6499a985771843496a Sha256: 54fbc4b7cb4998f4cd7600738b4ca4d7ab75fe6c9a7c0c86a2bf4a75ed199900
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://19.rokedon.com/ Content-Type: application/json Origin: https://19.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: f3af407e4111c4df250ad9bf1283f7da access-control-allow-origin: https://19.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 011bd25907070ea0b61bcb220b152e1f Sha1: e93c09c896ed1379e757bd4aceaaf8009649abf1 Sha256: 6260a8cf728c4dbafbed63e79446bdd69c0c9c5d50d88e8aac93014692bd1fbc
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://21.rokedon.com/ Origin: https://21.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 65 access-control-allow-origin: https://21.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://20.rokedon.com/ Origin: https://20.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://20.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 25.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3d3bc209b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 320 Md5: c5354edad3d150e78d4901c212fb0f48 Sha1: 2f7260d7685b0c78c79c8d929628c75b11f4770a Sha256: 0989496cb4c69a8c395db004700b51a9899f61abb3003750a6669eb0ec1bc1ac
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://20.rokedon.com/ Content-Type: application/json Origin: https://20.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 94 x-trace-id: 93d27e94a5b1c2f2ef613cb26884471e access-control-allow-origin: https://20.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: db443786e7bd006b50abf21dff8a8894 Sha1: ad205a1cd3ab33f8180a8a36024419ab5afe2290 Sha256: 8f63f86fc97d71b62502b61f2f08fdca4a001795aa1e4bd7f305c5fec8fe30ed
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://21.rokedon.com/ Origin: https://21.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://21.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 25.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3c5ae509b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators Size: 12203 Md5: 366c16f3a61ebe59c995b38d873f24b4 Sha1: 39e6ecc93638b62fe568963f3045e5f62e36b19a Sha256: 88f34153e864ebb5ec934148dfb55cff6a61f6a01de5cc2f74bb187d55718189
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://22.rokedon.com/ Origin: https://22.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT content-length: 0 access-control-allow-origin: https://22.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 26.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3e2cbc09b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 348 Md5: 2c47053b4cb8ad99d7e1e37ad037bcbd Sha1: 1b5f3f93fcc190caeba9a4076a4d1ee18d951acc Sha256: e77f646f7c2a8df08a2ce62e7a2b9c5d814c5d66058e6025053cc19c8dc29c98
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://23.rokedon.com/ Origin: https://23.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://23.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://25.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 42948 Md5: 839e006c414d1f002fa62ddfcaaeb32f Sha1: a4f31d87b7df62fb00db9ff08a5d7ee3aa9b379b Sha256: edb0aaecedce0fe40d97fae2dd6d9c61faa0649d75baefaf6e757147a535daa6
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://23.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50116 Md5: e946fc519b70f24b260f753a83d34ea0 Sha1: e1048054998463308417b09da05f9a8c3a6d10f9 Sha256: 7209a4897cec1433736014f1537b4638fb1f202029df889e6424d553bf00680e
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 27.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b3f3dbe09b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://23.rokedon.com/ Content-Type: application/json Origin: https://23.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: 573478e7d548b66f06e0f5084bce69e9 access-control-allow-origin: https://23.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: a2a0d65136bffb861e95bebd54e42e80 Sha1: 06c5c2f774e4ddcf12ba4ba3406f9739a1da2438 Sha256: 4daed859a5bbe638cf93050f4db4ba27ce4ccb1c2ae3af64a2b9ea314af90bc7
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://26.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 37942 Md5: 498aa5b82891218a17839c0597ca0db9 Sha1: 187f8aa17b6dc83de7d16308df6cbdf0f15aae45 Sha256: 54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://24.rokedon.com/ Content-Type: application/json Origin: https://24.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: b9a4f8e39ae8127b9c56610ce90ff4e5 access-control-allow-origin: https://24.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 90cdf316c106c6e72f45e91f359741ca Sha1: e692f6befc60aaff0903bb9771eccfdca5efe41f Sha256: b2c166ce3fa169c69df0c37b223d73dd446919f62f0ae6509cf233c39c1f6c02
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://25.rokedon.com/ Origin: https://25.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://25.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://25.rokedon.com/ Origin: https://25.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 0 access-control-allow-origin: https://25.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://26.rokedon.com/ Origin: https://26.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://26.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://25.rokedon.com/ Content-Type: application/json Origin: https://25.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 94 x-trace-id: e18cbb12048ae5ff3b4ee4949af058c2 access-control-allow-origin: https://25.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 4e0d82603cace776c4269368f1a1332b Sha1: fce496cf9b197659844d9431d6cac935ae4ab64d Sha256: 13fcd14e1510ea1244bb6b0fea84144e686b65acad90deead842930a1d2a53bc
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://28.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://27.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 37942 Md5: 498aa5b82891218a17839c0597ca0db9 Sha1: 187f8aa17b6dc83de7d16308df6cbdf0f15aae45 Sha256: 54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b4309e809b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 349 Md5: b27e979d7d515ee268ad542eab4fd706 Sha1: 0ece2b8f4577ff6e16e31ebbb99cdb42f60059f8 Sha256: 8dc05fb1005a6433683cb9e8a5e69de402bbfe9397d49ba273b61d842a183da7
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://29.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Origin: https://28.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://28.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Origin: https://27.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT content-length: 65 access-control-allow-origin: https://27.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://30.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" Cache-Control: max-age=0 TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:02 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://27.rokedon.com/ Origin: https://27.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://27.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://29.rokedon.com/ Origin: https://29.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://29.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://28.rokedon.com/ Origin: https://28.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://28.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Content-Type: application/json Origin: https://27.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: f655add77a204e3f29bdfa6cbe5cc8ab access-control-allow-origin: https://27.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: cf38ea26ac5fc79101bec8a99e1d994f Sha1: e00bc1a51425de29c7661ab5d34f5d3ef1bd7616 Sha256: 41117093ac0e0ee044af7c6fd34bca15c278f9fa3e293a491b7a18c3987fda0e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8074 Expires: Thu, 01 Dec 2022 15:32:37 GMT Date: Thu, 01 Dec 2022 13:18:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5bd7cc049c5c691a84e8a11ce3ab8ae0 Sha1: 861ae3a2e77806761d1ab78c09f1297124cb6b1f Sha256: f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://29.rokedon.com/ Content-Type: application/json Origin: https://29.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 06b993fdb7cdde69115a1a173cc67470 access-control-allow-origin: https://29.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 5d14b241fa2ed78abe1a0fb820c33d8c Sha1: 69edbefe4fc5b0fa160b052e7fa1c81574f4efcb Sha256: 97d39969b1398bd7ccc1c16d1b937a08e34d07f840ff52946281815116443ce1
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Content-Type: application/json Origin: https://28.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 59b18e13ba7f5cac57b5e9e7db875287 access-control-allow-origin: https://28.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: f4bad3747779226fb7ced6fdbc389c84 Sha1: 56750f28d76ce5e4710c978949164cfc6fa73513 Sha256: a646df420d47c311b1622b1bc73d814b5a5e372a87e18f52413cdd3ebd3adee0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8011 Expires: Thu, 01 Dec 2022 15:31:34 GMT Date: Thu, 01 Dec 2022 13:18:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5bd7cc049c5c691a84e8a11ce3ab8ae0 Sha1: 861ae3a2e77806761d1ab78c09f1297124cb6b1f Sha256: f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
GET /l/PA/12/skip-button.webp HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/webp date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 5006 cf-ray: 772c1b458c7809b3-ARN accept-ranges: bytes age: 16243 etag: "l/PA/12/skip-button.31c9ae67f7.webp" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5006 Md5: da2dc41d023f4fcc89675351f9117c3d Sha1: bff287be312236d01df91ec7db9a58c4bde224f4 Sha256: 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/rnd.jpg HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/jpeg date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 60612 cf-ray: 772c1b458c8309b3-ARN accept-ranges: bytes age: 16243 etag: "l/PA/12/rnd.913476f985.jpg" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data Size: 60612 Md5: 267ebadd2b686bdc1f52a5f502e8c093 Sha1: ca9892a0b64fb44d9d779c9d34244b7641e89473 Sha256: 891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b456c5d09b3-ARN age: 16242 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 254 Md5: 7d2d8d659c117ab107695ef968149e83 Sha1: 25f1f7fdef89ccd7205fd49c4a303012d3f00a78 Sha256: 84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 28.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b46ae2809b3-ARN age: 16245 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Origin: https://30.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 65 access-control-allow-origin: https://30.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b48882109b3-ARN age: 16244 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://21.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 50305 Md5: dbe75599ebf13b2bcd133874d3751af2 Sha1: b5b1d52b27dda069707b18a635c502388f1a5e20 Sha256: 5c5eee202b273ae483f4df0b01dc4e725a4d0f2db502298cc2b395ff547967c0
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Cookie: ID=5315a201a09a4d478359bb0aba00cdba Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.195.8 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 65 access-control-allow-origin: https://31.rokedon.com access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 65 Md5: badfaf98017c08b07960e5639595aae6 Sha1: 27b5841a4fa159f0e92ee3842509938ed33d5d11 Sha256: 6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	139.45.197.251 HTTP/2 200 OK server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 x-trace-id: 41c45f72c9a628f8e42ff610cdb8f568 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Blocklists: - fortinet: Malware
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings HTTP/1.1 Host: choupsee.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 693 x-trace-id: 38c51b9de7b6635689101629f769e018 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (692) Size: 693 Md5: da5f93dde67263d753ca7508e89e4048 Sha1: 7c3a89017cde2422b1f840bb2e67bddc26d7d98c Sha256: f7242fa92beb69973bd122ad7c91becd07738a1a8a7f2678d2af829797e26e18
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://30.rokedon.com/ Origin: https://30.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://30.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Content-Type: application/json Origin: https://30.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: bba17205f05407689cde1fca669e742d access-control-allow-origin: https://30.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: 2e6bba82508cd4a972c25cb070ac03c7 Sha1: f07bfcdabb4d1f6a2fff43e332f35a8ec0eac289 Sha256: ae339a8b8935bd8138179914f838dec80f63307105f43400a48ef6fef007ed03
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 30.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b49d9b109b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://31.rokedon.com/ Origin: https://31.rokedon.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 0 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token access-control-max-age: 86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://31.rokedon.com/ Content-Type: application/json Origin: https://31.rokedon.com Content-Length: 385 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 13:18:03 GMT content-length: 94 x-trace-id: 4b267125d0e125994e8f8cbcbb6be295 access-control-allow-origin: https://31.rokedon.com access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 94 Md5: cde1e83f7444fc28cc802abdb1eb910c Sha1: e8d6e7cb705bb0cf4a4263450dbb1adc7660d789 Sha256: 5a5b963704ddcce518d1dc066addccd5cf95da3df5dddcf22c327ed669197646
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT If-None-Match: W/"63887d09-1c6f2" TE: trailers	139.45.197.251 HTTP/2 304 Not Modified server: nginx date: Thu, 01 Dec 2022 13:18:04 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: "63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js" Cache-Control: max-age=0 TE: trailers	104.22.76.191 HTTP/2 304 Not Modified content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:04 GMT cf-ray: 772c1b4b4ba209b3-ARN age: 16243 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: REVALIDATED server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 13.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2e6b2909b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 18.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://17.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b352aec09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://20.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 22.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b393f7609b3-ARN age: 16248 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b450bfa09b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 32.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Referer: https://31.rokedon.com/ Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:03 GMT cf-ray: 772c1b461d8809b3-ARN age: 7847 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=85&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 15.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://14.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b313e8309b3-ARN age: 11159 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 18.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b35dbba09b3-ARN age: 17312 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=83&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 17.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://16.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b3459db09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 19.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://18.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b35fbda09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:01 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=71&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 29.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://28.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b4238f809b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 14.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://13.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:17:59 GMT cf-ray: 772c1b2f0c1509b3-ARN age: 11159 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 16.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b3388eb09b3-ARN age: 18317 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 26.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://25.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3d8c0c09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=80&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 20.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://19.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b36dcbe09b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 30.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://29.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b439a7409b3-ARN age: 11160 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /favicon.ico HTTP/1.1 Host: 31.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: image/vnd.microsoft.icon date: Thu, 01 Dec 2022 13:18:03 GMT etag: W/"favicon.ff38969f14.ico" cf-cache-status: MISS vary: Accept-Encoding server: cloudflare cf-ray: 772c1b459c9b09b3-ARN content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1 Host: foapsovi.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://18.rokedon.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	139.45.197.251 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 13:18:00 GMT last-modified: Thu, 01 Dec 2022 10:08:09 GMT etag: W/"63887d09-1c6f2" access-control-allow-credentials: true cache-control: no-cache pragma: no-cache content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 20.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:00 GMT cf-ray: 772c1b378da209b3-ARN age: 17310 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1 Host: 23.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 01 Dec 2022 13:18:01 GMT cf-ray: 772c1b3a184809b3-ARN age: 16247 etag: W/"sw-check-permissions-4789821.3caffe478a.js" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /l/PA/12/?resubscription=72&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1 Host: 28.rokedon.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://27.rokedon.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Connection: keep-alive TE: trailers	104.22.76.191 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Dec 2022 13:18:02 GMT cf-ray: 772c1b406f1b09b3-ARN age: 11161 etag: W/"l/PA/12/index.f25875168a.html" vary: Accept-Encoding cf-cache-status: HIT server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

Overview

Domain Summary (30)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.76.191

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: rokedon.com

Last 3 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (4)

#1 JavaScript::Eval (size: 80) - SHA256: bea41a92a1be1b81cbbb0f161e62af1af3ad2a054aa2fbcbdad19d3cd600e81d

#2 JavaScript::Eval (size: 24) - SHA256: 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3

#3 JavaScript::Eval (size: 2873) - SHA256: ce79318783ffabad8ea876d92239d3bc4466deda5883dafb82a57a883a4d7c96

#4 JavaScript::Eval (size: 2613) - SHA256: 06816c1cda65dc0482c5c2325b944acb9cf08cb5812fd85634023b96d3a72520

Executed Writes (0)

HTTP Transactions (134)

Overview

Domain Summary (30)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.76.191

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: rokedon.com

Last 3 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (4)

#1 JavaScript::Eval (size: 80) - SHA256: bea41a92a1be1b81cbbb0f161e62af1af3ad2a054aa2fbcbdad19d3cd600e81d

#2 JavaScript::Eval (size: 24) - SHA256: 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3

#3 JavaScript::Eval (size: 2873) - SHA256: ce79318783ffabad8ea876d92239d3bc4466deda5883dafb82a57a883a4d7c96

#4 JavaScript::Eval (size: 2613) - SHA256: 06816c1cda65dc0482c5c2325b944acb9cf08cb5812fd85634023b96d3a72520

Executed Writes (0)

HTTP Transactions (134)

Network Intrusion Detection Systems