13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.77.191301 Moved Permanently 0 B URL HTTP/1.1 13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.77.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 13:17:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 14:17:58 GMT
Location: https://13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c1b290d1009b4-ARN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Thu, 01 Dec 2022 14:08:19 GMT
Date: Thu, 01 Dec 2022 13:17:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6362
Cache-Control: max-age=169156
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:17:58 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:17:14 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4915
Expires: Thu, 01 Dec 2022 14:39:53 GMT
Date: Thu, 01 Dec 2022 13:17:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 12:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3590
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eTvajpA3ZWEA8tgfrj3nks2Wc8gy10MmLlnMQRHQAg96AcP77inRGyQJJ3phMUIiTd03QbDHdd0=
x-amz-request-id: Y36S7XDSBJA91GJ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 12:45:40 GMT
age: 1938
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:17:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 160d16cab4f56d84c998b4ccbfbe8e37
a461fcfdf87cb93c49e5a9589259ba2801360358
c04fed7a71c250e0c13b267c33ea8f2679e42981a8cdbfd2ac415cb705acfd14
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C04FED7A71C250E0C13B267C33EA8F2679E42981A8CDBFD2AC415CB705ACFD14"
Last-Modified: Thu, 01 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21472
Expires: Thu, 01 Dec 2022 19:15:51 GMT
Date: Thu, 01 Dec 2022 13:17:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7052d0be50b317ffa10af2cbb0bde662
0e15905e727c5e948a31d4e8a5f26a0572793be9
6a732ac60863fe5fcc261950bd10eeadf99f50f89449586cd54f99df8eeecc6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A732AC60863FE5FCC261950BD10EEADF99F50F89449586CD54F99DF8EEECC6C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2873
Expires: Thu, 01 Dec 2022 14:05:52 GMT
Date: Thu, 01 Dec 2022 13:17:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 404
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 13:17:59 GMT
Last-Modified: Thu, 01 Dec 2022 11:32:04 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
14.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 255 B URL HTTP/2 14.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:17:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b305d8e09b3-ARN
age: 18317
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://13.rokedon.com/
Origin: https://13.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://13.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U7FbzYkhhbaCN+n4slR4lA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hw5M11KOOeFUb3NNaGSzlmiymgU=
13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b327fd309b3-ARN
age: 18318
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 48ce5da40d18cb3b13767e8bcffcac10
35ef533bccbb21802444b592a77c466a23b539c9
60b3a951b6d5af88130911a834af5a0f52b99b71bf91804baa84f7f5faaa6811
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://13.rokedon.com/
Content-Type: application/json
Origin: https://13.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2c3a551e78f52635170b03ad74fee8b9
access-control-allow-origin: https://13.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://14.rokedon.com/
Origin: https://14.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 13 kB URL HTTP/2 13.rokedon.com/l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 453ec16daedd24cded61895bd8257815
d38de75b6fd476d8ca471305f8ffb0d5605e3282
435a4aa318a991536d032ba24f3e3d245266395d9485ccfc38467f2c4ff63275
GET /l/PA/12/?resubscription=87&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Connection: keep-alive
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:17:59 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b2cf9d909b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://15.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash b77c8d0d545058d4b6e6c415bf172e3c
0affb7fb740b6690b1c3cf39b4163ef4c9b86159
658734d4c80dc8461cc94797bd7ca73c6ecd586facd7dbeed32f1025551101c2
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Content-Type: application/json
Origin: https://14.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 3f31af429fa1ef300325a57d3209c737
access-control-allow-origin: https://14.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://15.rokedon.com/
Origin: https://15.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://15.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://16.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash b561f5d1d13e55ae576db61f06de6c8d
62cfd7ac5bdca1c90681a66f740ce836f62caa7b
25e06a4505603f79683314961781996b174028c5f411b13de4eafd4d9118452f
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://15.rokedon.com/
Content-Type: application/json
Origin: https://15.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 13c39efeb151f675b5d4905a125defd5
access-control-allow-origin: https://15.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
15.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 38 kB URL HTTP/2 15.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 37ec165fb9631afbb914538f6f65b427
8eed73b7d8a6f9da6d4de400a8dae2a302096eb2
8fa413d0abf5b1a7c26312e5a4e667a9de08d19906c64f1c3c648585a61698b6
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 15.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b323f8e09b3-ARN
age: 18317
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://16.rokedon.com/
Origin: https://16.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://16.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash ea274b9d6d04e91fe60049338eb40701
986c233cff91d539986f0450ca7f6e43cc3d8ee9
6595239d227a712f367370a91519fc62e98685507d9e320386343fc147bf8725
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://16.rokedon.com/
Content-Type: application/json
Origin: https://16.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 151c0969cd4a544b9c5f9aed8bc5c01e
access-control-allow-origin: https://16.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
19.rokedon.com/l/PA/12/skip-button.webp
104.22.76.191200 OK 5.0 kB URL HTTP/2 19.rokedon.com/l/PA/12/skip-button.webp
IP 104.22.76.191:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 19.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772c1b365c4f09b3-ARN
accept-ranges: bytes
age: 17311
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://17.rokedon.com/
Origin: https://17.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://17.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
17.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 255 B URL HTTP/2 17.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 766cb7f3ba58dafee34a3028bf58374e
e81bd3c2341a2b69f88e26a535e39770538c9823
5926d9c6a56e194d8a5fb32f5de7216e7c086439bcb53db44537221285fc1129
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 17.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b350abe09b3-ARN
age: 18317
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
16.rokedon.com/l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 12 kB URL HTTP/2 16.rokedon.com/l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 8e6cf812b764d632505d55544b3ac155
df8767ae0e6b74750ac6c929c5a343d52c288f85
6419e1dfd51ce02a8652034ef84256e796a6d0340e8b5575fa230aec51ad291e
GET /l/PA/12/?resubscription=84&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 16.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://15.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b33087609b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
16.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 16.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 16.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b395f9e09b3-ARN
age: 18318
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
21.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 254 B URL HTTP/2 21.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 7d2d8d659c117ab107695ef968149e83
25f1f7fdef89ccd7205fd49c4a303012d3f00a78
84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 21.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b387eb709b3-ARN
age: 16248
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
23.rokedon.com/l/PA/12/skip-button.webp
104.22.76.191200 OK 5.0 kB URL HTTP/2 23.rokedon.com/l/PA/12/skip-button.webp
IP 104.22.76.191:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 23.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://23.rokedon.com/l/PA/12/?resubscription=77&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772c1b39f82109b3-ARN
accept-ranges: bytes
age: 16247
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12445
Expires: Thu, 01 Dec 2022 16:45:26 GMT
Date: Thu, 01 Dec 2022 13:18:01 GMT
Connection: keep-alive
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18.rokedon.com/
Origin: https://18.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://18.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://19.rokedon.com/
Origin: https://19.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://19.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
17.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 17.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 17.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3ab8f709b3-ARN
age: 18318
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12968
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:18:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12968
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:18:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12968
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:18:01 GMT
Connection: keep-alive
22.rokedon.com/l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 13 kB URL HTTP/2 22.rokedon.com/l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 9af6ff8f873b0833d0afd8051ee708f2
ff8f19d695e582fd0be0239d07fb00213eac37f8
82cd47fd4cda6a023fe295adf99db83105c87869699ab0c7bee939809f5d88e5
GET /l/PA/12/?resubscription=78&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 22.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b388ecb09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12968
Expires: Thu, 01 Dec 2022 16:54:09 GMT
Date: Thu, 01 Dec 2022 13:18:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 55504
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 52466
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 27165
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 51 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 03b61fe3ff9de69cb1dbfb1b2da9cc89
2f1523588170176d236553396bc9a6c037ecc28c
6e9bcca82694d3a1e9ace79c92cc233f5fd6bf7578a0eb46e936a1273b6b2de0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://22.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 55561
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 65995
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20.rokedon.com/
Origin: https://20.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://20.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://18.rokedon.com/
Origin: https://18.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://18.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://19.rokedon.com/
Origin: https://19.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://19.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash bcb9d1eca6419422ba539c66fd05a98c
b5e8f55a97afaf253400ea6499a985771843496a
54fbc4b7cb4998f4cd7600738b4ca4d7ab75fe6c9a7c0c86a2bf4a75ed199900
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18.rokedon.com/
Content-Type: application/json
Origin: https://18.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 0859bbfc74305c8d87fb1241e61555bf
access-control-allow-origin: https://18.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 011bd25907070ea0b61bcb220b152e1f
e93c09c896ed1379e757bd4aceaaf8009649abf1
6260a8cf728c4dbafbed63e79446bdd69c0c9c5d50d88e8aac93014692bd1fbc
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://19.rokedon.com/
Content-Type: application/json
Origin: https://19.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f3af407e4111c4df250ad9bf1283f7da
access-control-allow-origin: https://19.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://21.rokedon.com/
Origin: https://21.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://21.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://20.rokedon.com/
Origin: https://20.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://20.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
25.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 320 B URL HTTP/2 25.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash c5354edad3d150e78d4901c212fb0f48
2f7260d7685b0c78c79c8d929628c75b11f4770a
0989496cb4c69a8c395db004700b51a9899f61abb3003750a6669eb0ec1bc1ac
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 25.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3d3bc209b3-ARN
age: 16245
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash db443786e7bd006b50abf21dff8a8894
ad205a1cd3ab33f8180a8a36024419ab5afe2290
8f63f86fc97d71b62502b61f2f08fdca4a001795aa1e4bd7f305c5fec8fe30ed
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20.rokedon.com/
Content-Type: application/json
Origin: https://20.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 93d27e94a5b1c2f2ef613cb26884471e
access-control-allow-origin: https://20.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://21.rokedon.com/
Origin: https://21.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://21.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
25.rokedon.com/l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 12 kB URL HTTP/2 25.rokedon.com/l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 366c16f3a61ebe59c995b38d873f24b4
39e6ecc93638b62fe568963f3045e5f62e36b19a
88f34153e864ebb5ec934148dfb55cff6a61f6a01de5cc2f74bb187d55718189
GET /l/PA/12/?resubscription=75&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 25.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b3c5ae509b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://22.rokedon.com/
Origin: https://22.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://22.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
26.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 348 B URL HTTP/2 26.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 2c47053b4cb8ad99d7e1e37ad037bcbd
1b5f3f93fcc190caeba9a4076a4d1ee18d951acc
e77f646f7c2a8df08a2ce62e7a2b9c5d814c5d66058e6025053cc19c8dc29c98
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 26.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3e2cbc09b3-ARN
age: 16245
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://23.rokedon.com/
Origin: https://23.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://23.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 43 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 839e006c414d1f002fa62ddfcaaeb32f
a4f31d87b7df62fb00db9ff08a5d7ee3aa9b379b
edb0aaecedce0fe40d97fae2dd6d9c61faa0649d75baefaf6e757147a535daa6
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://25.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 50 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash e946fc519b70f24b260f753a83d34ea0
e1048054998463308417b09da05f9a8c3a6d10f9
7209a4897cec1433736014f1537b4638fb1f202029df889e6424d553bf00680e
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://23.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
27.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 254 B URL HTTP/2 27.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 7d2d8d659c117ab107695ef968149e83
25f1f7fdef89ccd7205fd49c4a303012d3f00a78
84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 27.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3f3dbe09b3-ARN
age: 16245
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash a2a0d65136bffb861e95bebd54e42e80
06c5c2f774e4ddcf12ba4ba3406f9739a1da2438
4daed859a5bbe638cf93050f4db4ba27ce4ccb1c2ae3af64a2b9ea314af90bc7
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://23.rokedon.com/
Content-Type: application/json
Origin: https://23.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 573478e7d548b66f06e0f5084bce69e9
access-control-allow-origin: https://23.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 498aa5b82891218a17839c0597ca0db9
187f8aa17b6dc83de7d16308df6cbdf0f15aae45
54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://26.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 90cdf316c106c6e72f45e91f359741ca
e692f6befc60aaff0903bb9771eccfdca5efe41f
b2c166ce3fa169c69df0c37b223d73dd446919f62f0ae6509cf233c39c1f6c02
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://24.rokedon.com/
Content-Type: application/json
Origin: https://24.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: b9a4f8e39ae8127b9c56610ce90ff4e5
access-control-allow-origin: https://24.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://25.rokedon.com/
Origin: https://25.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://25.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://25.rokedon.com/
Origin: https://25.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://25.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://26.rokedon.com/
Origin: https://26.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://26.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 4e0d82603cace776c4269368f1a1332b
fce496cf9b197659844d9431d6cac935ae4ab64d
13fcd14e1510ea1244bb6b0fea84144e686b65acad90deead842930a1d2a53bc
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://25.rokedon.com/
Content-Type: application/json
Origin: https://25.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: e18cbb12048ae5ff3b4ee4949af058c2
access-control-allow-origin: https://25.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://28.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 498aa5b82891218a17839c0597ca0db9
187f8aa17b6dc83de7d16308df6cbdf0f15aae45
54639431183007ce1d4a331e38108985840349ea694d3d2bd4af898bbe3b5a17
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://27.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 349 B URL HTTP/2 29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash b27e979d7d515ee268ad542eab4fd706
0ece2b8f4577ff6e16e31ebbb99cdb42f60059f8
8dc05fb1005a6433683cb9e8a5e69de402bbfe9397d49ba273b61d842a183da7
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 29.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b4309e809b3-ARN
age: 16243
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://29.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://28.rokedon.com/
Origin: https://28.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://28.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://27.rokedon.com/
Origin: https://27.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://27.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:02 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://27.rokedon.com/
Origin: https://27.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://27.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://29.rokedon.com/
Origin: https://29.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://29.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://28.rokedon.com/
Origin: https://28.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://28.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash cf38ea26ac5fc79101bec8a99e1d994f
e00bc1a51425de29c7661ab5d34f5d3ef1bd7616
41117093ac0e0ee044af7c6fd34bca15c278f9fa3e293a491b7a18c3987fda0e
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://27.rokedon.com/
Content-Type: application/json
Origin: https://27.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f655add77a204e3f29bdfa6cbe5cc8ab
access-control-allow-origin: https://27.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8074
Expires: Thu, 01 Dec 2022 15:32:37 GMT
Date: Thu, 01 Dec 2022 13:18:03 GMT
Connection: keep-alive
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 5d14b241fa2ed78abe1a0fb820c33d8c
69edbefe4fc5b0fa160b052e7fa1c81574f4efcb
97d39969b1398bd7ccc1c16d1b937a08e34d07f840ff52946281815116443ce1
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://29.rokedon.com/
Content-Type: application/json
Origin: https://29.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 06b993fdb7cdde69115a1a173cc67470
access-control-allow-origin: https://29.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash f4bad3747779226fb7ced6fdbc389c84
56750f28d76ce5e4710c978949164cfc6fa73513
a646df420d47c311b1622b1bc73d814b5a5e372a87e18f52413cdd3ebd3adee0
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://28.rokedon.com/
Content-Type: application/json
Origin: https://28.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 59b18e13ba7f5cac57b5e9e7db875287
access-control-allow-origin: https://28.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5bd7cc049c5c691a84e8a11ce3ab8ae0
861ae3a2e77806761d1ab78c09f1297124cb6b1f
f4613783b800770734db2c8237665ee9b3bfeb9e58ac0df5273d4cf5fb639988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4613783B800770734DB2C8237665EE9B3BFEB9E58AC0DF5273D4CF5FB639988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Thu, 01 Dec 2022 15:31:34 GMT
Date: Thu, 01 Dec 2022 13:18:03 GMT
Connection: keep-alive
31.rokedon.com/l/PA/12/skip-button.webp
104.22.76.191200 OK 5.0 kB URL HTTP/2 31.rokedon.com/l/PA/12/skip-button.webp
IP 104.22.76.191:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: image/webp
content-length: 5006
cf-ray: 772c1b458c7809b3-ARN
accept-ranges: bytes
age: 16243
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
31.rokedon.com/l/PA/12/rnd.jpg
104.22.76.191200 OK 61 kB URL HTTP/2 31.rokedon.com/l/PA/12/rnd.jpg
IP 104.22.76.191:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data
Hash 267ebadd2b686bdc1f52a5f502e8c093
ca9892a0b64fb44d9d779c9d34244b7641e89473
891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65
GET /l/PA/12/rnd.jpg HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: image/jpeg
content-length: 60612
cf-ray: 772c1b458c8309b3-ARN
accept-ranges: bytes
age: 16243
etag: "l/PA/12/rnd.913476f985.jpg"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 254 B URL HTTP/2 31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
File type ASCII text, with very long lines (554)
Hash 7d2d8d659c117ab107695ef968149e83
25f1f7fdef89ccd7205fd49c4a303012d3f00a78
84a7f551ad665125a794d2af9b73001c325b4d4a82c57ec30cc6d0b289ae7322
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b456c5d09b3-ARN
age: 16242
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
28.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 28.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 28.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b46ae2809b3-ARN
age: 16245
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.rokedon.com/
Origin: https://30.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://30.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 29.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 29.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b48882109b3-ARN
age: 16244
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 50 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash dbe75599ebf13b2bcd133874d3751af2
b5b1d52b27dda069707b18a635c502388f1a5e20
5c5eee202b273ae483f4df0b01dc4e725a4d0f2db502298cc2b395ff547967c0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://21.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash badfaf98017c08b07960e5639595aae6
27b5841a4fa159f0e92ee3842509938ed33d5d11
6971e47a4da869858468dbef41d8a6003aae52fcebe6b3df28e665c5a39a346f
GET /gid.js?pub=0&userId=&zoneId=4789821&checkDuplicate=true&ymid=1669900298614j3lp15592&var=163_MY HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Cookie: ID=5315a201a09a4d478359bb0aba00cdba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://31.rokedon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5315a201a09a4d478359bb0aba00cdba; expires=Fri, 01 Dec 2023 13:18:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-length: 0
x-trace-id: 41c45f72c9a628f8e42ff610cdb8f568
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings
139.45.197.251200 OK 693 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (692)
Hash da5f93dde67263d753ca7508e89e4048
7c3a89017cde2422b1f840bb2e67bddc26d7d98c
f7242fa92beb69973bd122ad7c91becd07738a1a8a7f2678d2af829797e26e18
GET /zone?&pub=0&zone_id=4789821&is_mobile=false&domain=31.rokedon.com&var=163_MY&ymid=1669900298614j3lp15592&var_3=&dsig=&nt=true&action=settings HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 693
x-trace-id: 38c51b9de7b6635689101629f769e018
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://30.rokedon.com/
Origin: https://30.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://30.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 2e6bba82508cd4a972c25cb070ac03c7
f07bfcdabb4d1f6a2fff43e332f35a8ec0eac289
ae339a8b8935bd8138179914f838dec80f63307105f43400a48ef6fef007ed03
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.rokedon.com/
Content-Type: application/json
Origin: https://30.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: bba17205f05407689cde1fca669e742d
access-control-allow-origin: https://30.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
30.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 30.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 30.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b49d9b109b3-ARN
age: 16243
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://31.rokedon.com/
Origin: https://31.rokedon.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash cde1e83f7444fc28cc802abdb1eb910c
e8d6e7cb705bb0cf4a4263450dbb1adc7660d789
5a5b963704ddcce518d1dc066addccd5cf95da3df5dddcf22c327ed669197646
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.rokedon.com/
Content-Type: application/json
Origin: https://31.rokedon.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 4b267125d0e125994e8f8cbcbb6be295
access-control-allow-origin: https://31.rokedon.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251304 Not Modified 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Dec 2022 10:08:09 GMT
If-None-Match: W/"63887d09-1c6f2"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Thu, 01 Dec 2022 13:18:04 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: "63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191304 Not Modified 0 B URL HTTP/2 31.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-None-Match: W/"sw-check-permissions-4789821.3caffe478a.js"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 01 Dec 2022 13:18:04 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b4b4ba209b3-ARN
age: 16243
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
X-Firefox-Spdy: h2
13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 13.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 13.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:17:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b2e6b2909b3-ARN
age: 18317
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
18.rokedon.com/l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 18.rokedon.com/l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=82&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 18.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://17.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b352aec09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
22.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 22.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 22.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b393f7609b3-ARN
age: 16248
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b450bfa09b3-ARN
age: 11161
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
32.rokedon.com/l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 32.rokedon.com/l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=68&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 32.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Referer: https://31.rokedon.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b461d8809b3-ARN
age: 7847
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
15.rokedon.com/l/PA/12/?resubscription=85&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 15.rokedon.com/l/PA/12/?resubscription=85&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=85&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 15.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://14.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:17:59 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b313e8309b3-ARN
age: 11159
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
18.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 18.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 18.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b35dbba09b3-ARN
age: 17312
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
17.rokedon.com/l/PA/12/?resubscription=83&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 17.rokedon.com/l/PA/12/?resubscription=83&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=83&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 17.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://16.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b3459db09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 19.rokedon.com/l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=81&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 19.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b35fbda09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://19.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://24.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
29.rokedon.com/l/PA/12/?resubscription=71&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 29.rokedon.com/l/PA/12/?resubscription=71&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=71&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 29.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://28.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b4238f809b3-ARN
age: 11161
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
14.rokedon.com/l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 14.rokedon.com/l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=86&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 14.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://13.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:17:59 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b2f0c1509b3-ARN
age: 11159
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
16.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 16.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 16.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3388eb09b3-ARN
age: 18317
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
26.rokedon.com/l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 26.rokedon.com/l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=74&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 26.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://25.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b3d8c0c09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
20.rokedon.com/l/PA/12/?resubscription=80&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 20.rokedon.com/l/PA/12/?resubscription=80&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=80&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 20.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://19.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b36dcbe09b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
30.rokedon.com/l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 30.rokedon.com/l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=70&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 30.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://29.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b439a7409b3-ARN
age: 11160
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
31.rokedon.com/favicon.ico
104.22.76.191200 OK 0 B URL HTTP/2 31.rokedon.com/favicon.ico
IP 104.22.76.191:0
GET /favicon.ico HTTP/1.1
Host: 31.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://31.rokedon.com/l/PA/12/?resubscription=69&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:03 GMT
content-type: image/vnd.microsoft.icon
etag: W/"favicon.ff38969f14.ico"
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 772c1b459c9b09b3-ARN
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://18.rokedon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-1c6f2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
20.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 20.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 20.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:00 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b378da209b3-ARN
age: 17310
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
23.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
104.22.76.191200 OK 0 B URL HTTP/2 23.rokedon.com/sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc
IP 104.22.76.191:0
GET /sw-check-permissions-4789821.js?z=4789821&var=165_TR&ymid=16699006439999141poblc HTTP/1.1
Host: 23.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:01 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 772c1b3a184809b3-ARN
age: 16247
etag: W/"sw-check-permissions-4789821.3caffe478a.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
28.rokedon.com/l/PA/12/?resubscription=72&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
104.22.76.191200 OK 0 B URL HTTP/2 28.rokedon.com/l/PA/12/?resubscription=72&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}}
IP 104.22.76.191:0
GET /l/PA/12/?resubscription=72&clickid=16699006439999141poblc&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=TR&partner=PA&language=en-US&unixtime=1669900643&tb={https://oodrampi.com/afu.php?zoneid=5178792&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 28.rokedon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://27.rokedon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 13:18:02 GMT
content-type: text/html; charset=utf-8
cf-ray: 772c1b406f1b09b3-ARN
age: 11161
etag: W/"l/PA/12/index.f25875168a.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2