r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Sun, 02 Oct 2022 18:07:01 GMT
Date: Sun, 02 Oct 2022 16:26:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.17200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.17:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 99blQjVVBDCHMlw9SOKeEJ0P4i2TSOFdD33fF7I5a5cSoP7trsLvKQ==
Age: 1404
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d32d70ba49809b2292cca689969507a0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 1lhpuCmQ3BSs6dueztpTg_22HgPslU3hx6xyOn7WkhQ1XJFeutz60w==
age: 46399
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a79cce7a0bb87778425e156ee5f6f8b
a8737cec68b73e910719702f563f92167cbe9994
9b6d4db1040b6b8891a914b997a0342922c5e7634f495aed54665336593bc057
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B6D4DB1040B6B8891A914B997A0342922C5E7634F495AED54665336593BC057"
Last-Modified: Sun, 02 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Sun, 02 Oct 2022 22:26:26 GMT
Date: Sun, 02 Oct 2022 16:26:35 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:26:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.17200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.17:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Cache-Control, Alert, Last-Modified, Backoff, Retry-After, Expires, Content-Length, Pragma, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 15:32:53 GMT
Expires: Sun, 02 Oct 2022 15:32:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 3ffc494014d1d1ba7644f6707a2cf696.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: OUujK6y4FYP1cYESSU4LcV47feltIFT2uNIiMULM3Mlo89g0Ak7zpw==
Age: 3223
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a79cce7a0bb87778425e156ee5f6f8b
a8737cec68b73e910719702f563f92167cbe9994
9b6d4db1040b6b8891a914b997a0342922c5e7634f495aed54665336593bc057
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B6D4DB1040B6B8891A914B997A0342922C5E7634F495AED54665336593BC057"
Last-Modified: Sun, 02 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Sun, 02 Oct 2022 22:26:26 GMT
Date: Sun, 02 Oct 2022 16:26:36 GMT
Connection: keep-alive
bloxy.pro/sitepad-data/themes/gohost/style.css?ver=5.1.6
198.251.89.164200 OK 966 B URL HTTP/2 bloxy.pro/sitepad-data/themes/gohost/style.css?ver=5.1.6
IP 198.251.89.164:0
File type ASCII text, with very long lines (1739)
Hash de2bf5994cf95fed253bc91fef042d63
ef01b85360d994a4e311e3d1ec17d8e62566fa95
c148736c0914ce7050aa3533953b4f1211b0b83bd40640630078c485802e91d3
GET /sitepad-data/themes/gohost/style.css?ver=5.1.6 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 09 Oct 2022 16:26:36 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 21:40:58 GMT
etag: "a38-62eaeb6a-d36b96f9997f9a60;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 966
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Last-Modified: Sun, 02 Oct 2022 15:09:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bloxy.pro/sitepad-data/uploads/2022/08/cropped-Bloxy_Trans.png
198.251.89.164200 OK 8.1 kB URL HTTP/2 bloxy.pro/sitepad-data/uploads/2022/08/cropped-Bloxy_Trans.png
IP 198.251.89.164:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash df92f020e405bb60686476d88f9e354e
5580ec996b34a6e14cf14808593dafb0a871beb9
c77c27a789c8e005e4c50fd0a2a42c8880f155d55258c535ebf3f0000926ac89
GET /sitepad-data/uploads/2022/08/cropped-Bloxy_Trans.png HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 09 Oct 2022 16:26:36 GMT
content-type: image/png
last-modified: Wed, 03 Aug 2022 21:40:58 GMT
etag: "1f7c-62eaeb6a-2a30c716b052dcd;;;"
accept-ranges: bytes
content-length: 8060
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F2FEGZXGVV
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F2FEGZXGVV
IP 142.250.74.168:0
File type ASCII text, with very long lines (21348)
Hash 1c242623083b3a6677f80183ad6b93c1
2f11a538107ae0a02a3f8e4e11ab0b0968894716
6cbf735c33146875302ebe1fe36927b71ad54d355a40e90efbab5e557a93a457
GET /gtag/js?id=G-F2FEGZXGVV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 16:26:36 GMT
expires: Sun, 02 Oct 2022 16:26:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bloxy.pro/sitepad-data/uploads/2022/08/image1.png
198.251.89.164200 OK 14 kB URL HTTP/2 bloxy.pro/sitepad-data/uploads/2022/08/image1.png
IP 198.251.89.164:0
File type PNG image data, 582 x 429, 8-bit colormap, non-interlaced\012- data
Hash 54c7ab3f8e1ff990c0042551e3d2a341
76b7cee7b104f7eedc43a588b820067c457c3352
8d570844a27e9ddc0f62c0cc135c46fd9e8976e8e4abe92376627e4e46cf48f2
GET /sitepad-data/uploads/2022/08/image1.png HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 09 Oct 2022 16:26:36 GMT
content-type: image/png
last-modified: Wed, 03 Aug 2022 21:40:58 GMT
etag: "3596-62eaeb6a-93217ae424d3136b;;;"
accept-ranges: bytes
content-length: 13718
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8dqKB90SQ5oLaDPzpuauug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /GHcg5oc6YaZTxZfuG1diYXqWdU=
fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700%2C600&ver=1.7.0
142.250.74.10200 OK 923 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700%2C600&ver=1.7.0
IP 142.250.74.10:0
Hash 8ef357e588d11a9888fb99aa222280e2
3e2d6b64762e26f10dba6366f05676c7a9ebbbc6
1129b82c747e228a5133fe51967ab51579cea486234707e96e6e0ae73a09f4d7
GET /css?family=Quicksand%3A400%2C500%2C700%2C600&ver=1.7.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:26:36 GMT
date: Sun, 02 Oct 2022 16:26:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:16:00 GMT
expires: Tue, 26 Sep 2023 21:16:00 GMT
cache-control: public, max-age=31536000
age: 501036
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.d.adup-tech.com/jsapi
54.230.111.12200 OK 23 kB IP 54.230.111.12:0
Hash e07184094a3ec894bf50fff1b9352544
a649a82f1570a0b6ace4a3d10069a8d74086b0af
c512271a2eef2515aa8b023d18bc256fb5584264f36d1fadc3fca5f06490ce2a
GET /jsapi HTTP/1.1
Host: s.d.adup-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 29 Sep 2022 12:52:40 GMT
content-encoding: gzip
date: Sun, 02 Oct 2022 15:57:05 GMT
expires: Sun, 02 Oct 2022 16:57:01 GMT
cache-control: max-age=3600
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: clPkld4zAqYSMBcBUXAcAxgbZ111YCZU7BEd-phiS2WGQDKmStU_ZQ==
age: 1775
X-Firefox-Spdy: h2
bloxy.pro/site-data/plugins/pagelayer-pro/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium=%2Cpremium-frontend.css&ver=1.7.0
198.251.89.164200 OK 65 kB URL HTTP/2 bloxy.pro/site-data/plugins/pagelayer-pro/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium=%2Cpremium-frontend.css&ver=1.7.0
IP 198.251.89.164:0
Hash dbf7636cf14be567489eba373bc247db
eb2f72b7eda26414e77c2339ef0addd884a7a808
a845a8b764673044a7e053535c15988c50640dfeced2bf148e53ab7bff02bf56
GET /site-data/plugins/pagelayer-pro/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium=%2Cpremium-frontend.css&ver=1.7.0 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/css; charset: UTF-8;charset=UTF-8
cache-control: must-revalidate
last-modified: Tue, 23 Aug 2022 09:03:21 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-F2FEGZXGVV>m=2oe9s0&_p=1165943092&cid=1712025060.1664727997&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664727997&sct=1&seg=0&dl=https%3A%2F%2Fbloxy.pro%2F&dt=Bloxy.Pro%20-%20Free%20Premium%20Hosting&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F2FEGZXGVV>m=2oe9s0&_p=1165943092&cid=1712025060.1664727997&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664727997&sct=1&seg=0&dl=https%3A%2F%2Fbloxy.pro%2F&dt=Bloxy.Pro%20-%20Free%20Premium%20Hosting&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F2FEGZXGVV>m=2oe9s0&_p=1165943092&cid=1712025060.1664727997&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664727997&sct=1&seg=0&dl=https%3A%2F%2Fbloxy.pro%2F&dt=Bloxy.Pro%20-%20Free%20Premium%20Hosting&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bloxy.pro
date: Sun, 02 Oct 2022 16:26:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4435059955275558
142.250.74.162200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4435059955275558
IP 142.250.74.162:0
File type ASCII text, with very long lines (2910)
Hash d54146ba563adeaf46cf655ed5e1fe69
5b308d8f595d5ae37b6e0ce583839327c0f0913d
4ae3a51c1e5ff09830d5b213eccd61a5b01e0c17ca00f78c487c5f93f4017a9a
GET /pagead/js/adsbygoogle.js?client=ca-pub-4435059955275558 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 02 Oct 2022 16:26:37 GMT
expires: Sun, 02 Oct 2022 16:26:37 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11454531397469384919
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c120ef4802f4eb64e93225496ba6944a
cdebb30349fa79f7ddb7d13aac47735565ac0ba2
1bcd7dc722018962f16783f0f888742a7926c0a7e466deef174f0f4fc5eb4a4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:26:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:26:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:26:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:26:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11c8ecfed53e302ab48fa5f757513a4
b3cb36455b3cb0a160c705958add6c422a0a48a2
fb66239038dddd134d3c5c7a656c91c57737bc784fabefe15a5ef2981e68e2b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 4ea2bfb1-fc99-4777-aa98-0605d4a704ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmEBlIAMFj2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-039358f5691f895941f485fd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l0e62S36B9SFUKCi0WA22gXNhfdCLjqD7c3cg_I_Y8-OVKkfwiJFgQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:25:06 GMT
etag: "b3cb36455b3cb0a160c705958add6c422a0a48a2"
content-type: image/jpeg
age: 64892
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 67081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 42338
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 67082
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 67085
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91d14136-4e81-4e18-80ca-f688f18110b7.png
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91d14136-4e81-4e18-80ca-f688f18110b7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c43e8f8caa27091b10fc006c309e96
377251ce16059a304e1ada7e7bdade2eee86bfdb
81d98f635686a13e149a86149db28f794097b35fc0b7af82beb0199edfc82a38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91d14136-4e81-4e18-80ca-f688f18110b7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6337e85e-904c-4346-b11d-1cf213eba1a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8EyIIAMF_Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-05c231ba25850508201eda0d;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2WCasBR9fFvqGZ61uURK1W4vhzCBO81FTvpSCs6eKH8HBClVUFybpQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:26 GMT
etag: "377251ce16059a304e1ada7e7bdade2eee86bfdb"
content-type: image/jpeg
age: 67092
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3959239fe93cc41b701cbce99e546170
1ce0c0d216fd2a4eccd12b87b765b7593ad560dc
b12fecab79eb348a730bf255623a86305606a803b595998a050f0458966e8106
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=bloxy.pro
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bloxy.pro
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bloxy.pro HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=bloxy.pro&callback=_gfp_s_&client=ca-pub-4435059955275558
172.217.21.162200 OK 199 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=bloxy.pro&callback=_gfp_s_&client=ca-pub-4435059955275558
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 30e6c48e7a815e7d94d9c67f58193e93
d413585c8e46157a567dc5a77b1de245d608220b
32e93f7db444fac17d4dc42a8279fd2e65bdb023612cfb648e6d4d4dca005c0d
GET /gampad/cookie.js?domain=bloxy.pro&callback=_gfp_s_&client=ca-pub-4435059955275558 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:39 GMT
server: cafe
cache-control: private
content-length: 199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=bloxy.pro
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=bloxy.pro
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bloxy.pro HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b8bbcf8d1aa0bb18cc23dea324f56b77
6ed68a9b076fb1abd3c435ffc89a3ca8633e1a54
fe44bf96466d2c41c6c1efba56e6e2a29b98e1e33ebaabf18d95ef5901acfee2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4f94a2722366412417efbb65aa368b8
f2942fbd2a6f0326f99c3a271de2dab12c881b15
97805013c570f1c9ad0158d99dfc6f521628bfb4b72a2a5d79526ec7b04df2f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d02925f5fccd56002a03d09aa37c055c
800956d1472fb24009a55c1c357af2e993315d04
62c4a277d8742a7750b0eb382fff973dae56e2e19a134e5a99f318cac64979a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C4A277D8742A7750B0EB382FFF973DAE56E2E19A134E5A99F318CAC64979A9"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8814
Expires: Sun, 02 Oct 2022 18:53:33 GMT
Date: Sun, 02 Oct 2022 16:26:39 GMT
Connection: keep-alive
pl17769863.profitablegatetocontent.com/e4640b19c7743ace207ad985fd7823c0/invoke.js
192.243.61.225200 OK 9.3 kB URL HTTP/1.1 pl17769863.profitablegatetocontent.com/e4640b19c7743ace207ad985fd7823c0/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash e3162219d48adeb8b314edc3911436fd
0f2edb97117bec144d55f99d03dfa2d502d66ac3
e276450b4aa571d551edb653a059add333bcc3783913e66034beaf3ec13f045c
Analyzer Verdict Alert quad9 Sinkholed
GET /e4640b19c7743ace207ad985fd7823c0/invoke.js HTTP/1.1
Host: pl17769863.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a9611a105e30b925708aff4b932147c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
108.138.212.113200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.113:0
Hash 606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 16:26:39 GMT
Last-Modified: Sun, 02 Oct 2022 16:15:20 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: _Wxr5n9I7mdSJ-WqokcL-kDxct6W3cG67snh6DF2HhnbOK_JbthQUw==
Age: 679
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 5b2a4d6713a158b934c1b56b1ca6ee8b
db1cee1297fc3154181ef14efac8d8c7dab3d882
79d7ad3c2e1ffcf6598a6ba841c8f0d4ad80a9620b64cd9a4ce641f0487ffec5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bloxy.pro
access-control-allow-credentials: true
set-cookie: uid_id2=cc602c8d-b7f0-4780-965f-ab2b853808f1:1:1; expires=Wed, 29 Sep 2032 16:26:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 965dbe069e3e58a25ce2427c194b4ae9
09a16433f504264c2ded38873043e3c9372aca87
504e63d35987f4dfffb0fdf25db56d0c9bfd1df7396f7375e468bfdfd137a71a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "504E63D35987F4DFFFB0FDF25DB56D0C9BFD1DF7396F7375E468BFDFD137A71A"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2468
Expires: Sun, 02 Oct 2022 17:07:48 GMT
Date: Sun, 02 Oct 2022 16:26:40 GMT
Connection: keep-alive
familiarkindlyshuffle.com/ntv.json?key=e4640b19c7743ace207ad985fd7823c0&vstc=4
192.243.61.225200 OK 17 kB URL HTTP/1.1 familiarkindlyshuffle.com/ntv.json?key=e4640b19c7743ace207ad985fd7823c0&vstc=4
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16913), with no line terminators
Hash dae43df47a03a3b026db2a8fe58f6a64
0e9e025cf1ae4a8d9e6daa633f2160c2ac6ce197
c1728b864017c30336b52116912a33b3620f393e5e10f0e2f94869a872ada18c
GET /ntv.json?key=e4640b19c7743ace207ad985fd7823c0&vstc=4 HTTP/1.1
Host: familiarkindlyshuffle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:40 GMT
Content-Type: application/json
Content-Length: 16913
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bloxy.pro
Access-Control-Allow-Origin: https://bloxy.pro
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17669364; expires=Mon, 03 Oct 2022 16:26:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 16:26:40 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 16:26:40 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 03 Oct 2022 16:26:40 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 03 Oct 2022 16:26:40 GMT; secure; SameSite=None
nlece4640b19c7743ace207ad985fd7823c0=[2229337,2229333,2019380,2229329]; expires=Sun, 02 Oct 2022 16:26:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c47f3a804d53ba2abffb655f7f50198
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229200 OK 54 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (32014)
Hash ea53ffc3c20542881a2735a62c0426d7
365e24ffd4a54e4c019a47c94204ad90a8538eb5
e4f801f6cd7462489966e441ff53795823a607656497f9d0ce8cbfc08f6c7448
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 02 Oct 2022 16:26:40 GMT
age: 16874357
x-served-by: cache-fra19156-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4uoiexWWZLCwSFDMXycH8Cx6UxaP0GBx9UPW%2BV993%2BN579clOfkJc5PR46R29JZWi8wsNt%2F7S%2B553qb4qk3xQH7SDD4PWpbrpv9oJGu7L9SuCbeh53%2FVc13O9%2BrI0oqsH8xUJmd7veI2O22j5DW%2BhhYH5f21zB5Y64P0T8hwkn9QeOech2RhJ%2FO2SsBuZTl95K84VzbRBn%2B%2FfSjYSXSSIZ7BrHHST%2FVM1tD1afgCd7E3tQvf%2FFUZyQpzHDxAl%2B6cmEfV3pz4jBZEg4k%2Bj6I8h1BiSjsH0bUh%2BRADGcXUNSXz3qjYF3fyHpRU7IbUnf0AWE1L77TyS%2BJtFJQf1m1rlmdSJxaBbQg7GkL0x0vwA2dYZyOIALPsYkv9M5p%2BsIol316zSkLyc9i7lGLI7hhJDUOsgr450kHcd5KmDmB%2FXmed5ocsZddsdxpo8FFHAXY%2BGXY96btBGzip7Q2TpEEwNwcw2UrONDTmEyR%2FCrpew3IHNJsS5vo0%2BL1EIgsISFJSgkARFRlD0yz2urG%2FLu1zZPPJOs3%2Bam%2BVIZ70duqeznkjITnpCnq3m4pz74k9siOO6aAUtN%2FI6LAxbTcqE74aUd9oLXR62%2FSZzYWUJac9MW92SE3Lh9S%2BRygl56so5RPQAVh2AyYuguQdajELfBV0ftdoutpJ7kdKDzUZqNLgukWY1ZJvOjjohL0yX82LtAwh2ePnx3Gvp6Nc5MFMiNSU%2Bko8IeurO6IYuyO4NXVjy3VqayVhu0WpxNzOaibNfvS02C234ypId3nuDVUQF778rbLZKEy6TniVfL0rOhVnWhgnyw4p9T0TXcru%2BmJskT1evvbm8EqdGWCt1MgaVR2t%2FgckJqV18fvojn%2Fnpd0gzhslLxPkhOQ1IfQCWbsOmM%2FdWn4VRM02UOijycmT8aPaoJIESs5pGJex%2F6miGd%2Bwd9IwPmt1GEpfomxJ9VYKqIWw%2BN8pSc3j5x8%2Bq%2BByRqo0iZWq7kTLq0%2Bloq%2BvWhFz4pVWh67DyuB42my4NOgteGFIRRi2%2F3Q08TqnfCvwgoE1kdsI63z%2F8GwAA%2F%2F8BAAD%2F%2FzLgCSJrBAAA
192.243.61.225200 OK 11 kB URL HTTP/1.1 familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4uoiexWWZLCwSFDMXycH8Cx6UxaP0GBx9UPW%2BV993%2BN579clOfkJc5PR46R29JZWi8wsNt%2F7S%2B553qb4qk3xQH7SDD4PWpbrpv9oJGu7L9SuCbeh53%2FVc13O9%2BrI0oqsH8xUJmd7veI2O22j5DW%2BhhYH5f21zB5Y64P0T8hwkn9QeOech2RhJ%2FO2SsBuZTl95K84VzbRBn%2B%2FfSjYSXSSIZ7BrHHST%2FVM1tD1afgCd7E3tQvf%2FFUZyQpzHDxAl%2B6cmEfV3pz4jBZEg4k%2Bj6I8h1BiSjsH0bUh%2BRADGcXUNSXz3qjYF3fyHpRU7IbUnf0AWE1L77TyS%2BJtFJQf1m1rlmdSJxaBbQg7GkL0x0vwA2dYZyOIALPsYkv9M5p%2BsIol316zSkLyc9i7lGLI7hhJDUOsgr450kHcd5KmDmB%2FXmed5ocsZddsdxpo8FFHAXY%2BGXY96btBGzip7Q2TpEEwNwcw2UrONDTmEyR%2FCrpew3IHNJsS5vo0%2BL1EIgsISFJSgkARFRlD0yz2urG%2FLu1zZPPJOs3%2Bam%2BVIZ70duqeznkjITnpCnq3m4pz74k9siOO6aAUtN%2FI6LAxbTcqE74aUd9oLXR62%2FSZzYWUJac9MW92SE3Lh9S%2BRygl56so5RPQAVh2AyYuguQdajELfBV0ftdoutpJ7kdKDzUZqNLgukWY1ZJvOjjohL0yX82LtAwh2ePnx3Gvp6Nc5MFMiNSU%2Bko8IeurO6IYuyO4NXVjy3VqayVhu0WpxNzOaibNfvS02C234ypId3nuDVUQF778rbLZKEy6TniVfL0rOhVnWhgnyw4p9T0TXcru%2BmJskT1evvbm8EqdGWCt1MgaVR2t%2FgckJqV18fvojn%2Fnpd0gzhslLxPkhOQ1IfQCWbsOmM%2FdWn4VRM02UOijycmT8aPaoJIESs5pGJex%2F6miGd%2Bwd9IwPmt1GEpfomxJ9VYKqIWw%2BN8pSc3j5x8%2Bq%2BByRqo0iZWq7kTLq0%2Bloq%2BvWhFz4pVWh67DyuB42my4NOgteGFIRRi2%2F3Q08TqnfCvwgoE1kdsI63z%2F8GwAA%2F%2F8BAAD%2F%2FzLgCSJrBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash fd9717f7f38f7085b49362e3366b28b1
07992831eb7a86a5854c47d9a94add3010b5caad
17508f8a0b6f54f426a347752c3145be7674de2c84920a3076123dbcde3d756a
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4uoiexWWZLCwSFDMXycH8Cx6UxaP0GBx9UPW%2BV993%2BN579clOfkJc5PR46R29JZWi8wsNt%2F7S%2B553qb4qk3xQH7SDD4PWpbrpv9oJGu7L9SuCbeh53%2FVc13O9%2BrI0oqsH8xUJmd7veI2O22j5DW%2BhhYH5f21zB5Y64P0T8hwkn9QeOech2RhJ%2FO2SsBuZTl95K84VzbRBn%2B%2FfSjYSXSSIZ7BrHHST%2FVM1tD1afgCd7E3tQvf%2FFUZyQpzHDxAl%2B6cmEfV3pz4jBZEg4k%2Bj6I8h1BiSjsH0bUh%2BRADGcXUNSXz3qjYF3fyHpRU7IbUnf0AWE1L77TyS%2BJtFJQf1m1rlmdSJxaBbQg7GkL0x0vwA2dYZyOIALPsYkv9M5p%2BsIol316zSkLyc9i7lGLI7hhJDUOsgr450kHcd5KmDmB%2FXmed5ocsZddsdxpo8FFHAXY%2BGXY96btBGzip7Q2TpEEwNwcw2UrONDTmEyR%2FCrpew3IHNJsS5vo0%2BL1EIgsISFJSgkARFRlD0yz2urG%2FLu1zZPPJOs3%2Bam%2BVIZ70duqeznkjITnpCnq3m4pz74k9siOO6aAUtN%2FI6LAxbTcqE74aUd9oLXR62%2FSZzYWUJac9MW92SE3Lh9S%2BRygl56so5RPQAVh2AyYuguQdajELfBV0ftdoutpJ7kdKDzUZqNLgukWY1ZJvOjjohL0yX82LtAwh2ePnx3Gvp6Nc5MFMiNSU%2Bko8IeurO6IYuyO4NXVjy3VqayVhu0WpxNzOaibNfvS02C234ypId3nuDVUQF778rbLZKEy6TniVfL0rOhVnWhgnyw4p9T0TXcru%2BmJskT1evvbm8EqdGWCt1MgaVR2t%2FgckJqV18fvojn%2Fnpd0gzhslLxPkhOQ1IfQCWbsOmM%2FdWn4VRM02UOijycmT8aPaoJIESs5pGJex%2F6miGd%2Bwd9IwPmt1GEpfomxJ9VYKqIWw%2BN8pSc3j5x8%2Bq%2BByRqo0iZWq7kTLq0%2Bloq%2BvWhFz4pVWh67DyuB42my4NOgteGFIRRi2%2F3Q08TqnfCvwgoE1kdsI63z%2F8GwAA%2F%2F8BAAD%2F%2FzLgCSJrBAAA HTTP/1.1
Host: familiarkindlyshuffle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Cookie: u_pl=17669364; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlece4640b19c7743ace207ad985fd7823c0=[2229337,2229333,2019380,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c69bf1d524a59db5af9db05cd5d818f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab57c388b9a191ad382f6cc4772f3d4c
37c632b7fbe7c4019afdacc3af1d14ebc81d2edb
580db6b0d7fdf10a9b718ee65dc5b59749d358719fec8530820425c0fc4833cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "580DB6B0D7FDF10A9B718EE65DC5B59749D358719FEC8530820425C0FC4833CF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Sun, 02 Oct 2022 19:07:39 GMT
Date: Sun, 02 Oct 2022 16:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab57c388b9a191ad382f6cc4772f3d4c
37c632b7fbe7c4019afdacc3af1d14ebc81d2edb
580db6b0d7fdf10a9b718ee65dc5b59749d358719fec8530820425c0fc4833cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "580DB6B0D7FDF10A9B718EE65DC5B59749D358719FEC8530820425C0FC4833CF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Sun, 02 Oct 2022 19:07:39 GMT
Date: Sun, 02 Oct 2022 16:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab57c388b9a191ad382f6cc4772f3d4c
37c632b7fbe7c4019afdacc3af1d14ebc81d2edb
580db6b0d7fdf10a9b718ee65dc5b59749d358719fec8530820425c0fc4833cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "580DB6B0D7FDF10A9B718EE65DC5B59749D358719FEC8530820425C0FC4833CF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Sun, 02 Oct 2022 19:07:39 GMT
Date: Sun, 02 Oct 2022 16:26:40 GMT
Connection: keep-alive
bloxy.pro/site-data/plugins/pagelayer-pro/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium=%2Cchart.min.js%2Cpremium-frontend.js%2Cshuffle.min.js&ver=1.7.0
198.251.89.164200 OK 93 kB URL HTTP/2 bloxy.pro/site-data/plugins/pagelayer-pro/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium=%2Cchart.min.js%2Cpremium-frontend.js%2Cshuffle.min.js&ver=1.7.0
IP 198.251.89.164:0
Hash 4b6cedf86d9218e9a81dde324f1fa995
dd9f2b78919166972945c030f13b1b7b301dfcf1
cff37711504e3e42176a05097e1c41d96c58e695ed2dbe098e896651edebf23d
GET /site-data/plugins/pagelayer-pro/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium=%2Cchart.min.js%2Cpremium-frontend.js%2Cshuffle.min.js&ver=1.7.0 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/javascript; charset: UTF-8;charset=UTF-8
cache-control: must-revalidate
last-modified: Tue, 23 Aug 2022 09:03:21 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 6ad4932c224640504facfcf7f7483f65
0e2f35737efe7f497f262555dff8d039d6896bc3
e4aff05242a709684f1b16b6072c1d2d318ae9529bc403e8d1a2d0f325892561
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:26:40 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4BAB8B22C44D1511D4D63B611EC92360E6634467"
Expires: Mon, 03 Oct 2022 03:00:00 GMT
Last-Modified: Sun, 02 Oct 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2066
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753ecd15bd9cb50c-OSL
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
172.67.38.66200 OK 60 kB URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 172.67.38.66:0
File type ASCII text, with very long lines (65472)
Hash 1b11cf2069012646948540cc0989f0b2
eab10302908384dd549dffce1aab928849dee092
de5b91aafdc951529201d7677b34df657ba66ae50cea6a2f27a033eb594a3582
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0ebf90fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Tue, 04 Oct 2022 16:26:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Tue, 04 Oct 2022 16:26:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3p3DsrKCuhdBlkFYUZFJd8%2Bke8ZFF2PMEoyb%2FXFRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4axA9i8syWVgkIGYukoO5e1YWj9JjMPqg6n2vvu%2Fwvffqs838iLjI6eH8e3pdKkVnZhtu%2FeUPPe9SfUkm%2BaA%2BaAcfB61LddN%2FvRM03FfqVwRb1TO%2B67mu53r1BWlEVw9mKhIy3e14jY7baPkNb7aFgfl%2FbXMHljrg%2FSPyLCSf1B455yHZGEn83bywq5lOX3snzhXNtEGf79xKVhNdJIhPYNc46CY7x2poe7DwADrZntqF7v8rjOSEOI8fIEp2jk0i6m9NfUYKIkHEn0LRH0OoMSQdg%2BnbkPyAAIzj6jKS%2BO5VbQq69g9LK3ZCak%2F%2BgCwmpPbbeSTxt3NKDuo3tcozqROLQbeEHIwhe2Ok%2BR6y9VOQxR5Y9ikk%2F5nMPFlCEm8tW6UheTntXcoxZHcMJYag1kFeHekg7zrIUwcxP6wzz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfaGyNIhmBqCmQ2kZgOrcgiTP4RdKWG5A5tNiHN9A31eohAEhSUoKEEhCYqMoOiX21xZ35Z3ubJ55B1n%2Fzg3y5HOept0W2c9kZDN9Ig8U83FOffVn1gVh3XRClpu5HVYGLaalAnfDSnvtGe7PGz7TebCyhLSnpq2ui4n5MKbXyOVE3LmyjlEdA9W7YHJi6C5B1qMQt8FXRm12i7Wk3uR0oO1Rmo0uC6RZjVka86mOiLPT5dz4ZcWBNu%2F%2FPjsG%2Bno17NgpkRqSnwiHxH01J3RDV2QrRu6sOT75TSTsVyn1eJuZjQTp%2B%2B%2FK9YKbfjivB3ee4tVRAV33xc2W6IJl0nPkm%2FmJOfCLGjDBPlx0X4gomu5XZnLTZKnS9feXliMUyOslToZg8qD5b%2FA5ITULj43%2FZFPH7wKacYweYk43yfHAan3wNIN2HT%2F8v0Xds94L%2F0Oq0%2FDqBNNlJ5GkZcj40cnj0oSKHFS06iE%2FU8dneBNewc944Nmt5HEJfqmRF%2BVoGoIm58dZanZv%2FzTF1V8iUjVRpEyta1IGfX5hLxY%2B6i6bk2HXKHrsPKwHjabLg06s14YUhFGLb%2FdDTxOqd8K%2FCCgTWR2wjo%2FPPwbAAD%2F%2FwEAAP%2F%2FSEa4cWsEAAA%3D
192.243.61.225200 OK 4.5 kB URL HTTP/1.1 familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3p3DsrKCuhdBlkFYUZFJd8%2Bke8ZFF2PMEoyb%2FXFRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4axA9i8syWVgkIGYukoO5e1YWj9JjMPqg6n2vvu%2Fwvffqs838iLjI6eH8e3pdKkVnZhtu%2FeUPPe9SfUkm%2BaA%2BaAcfB61LddN%2FvRM03FfqVwRb1TO%2B67mu53r1BWlEVw9mKhIy3e14jY7baPkNb7aFgfl%2FbXMHljrg%2FSPyLCSf1B455yHZGEn83bywq5lOX3snzhXNtEGf79xKVhNdJIhPYNc46CY7x2poe7DwADrZntqF7v8rjOSEOI8fIEp2jk0i6m9NfUYKIkHEn0LRH0OoMSQdg%2BnbkPyAAIzj6jKS%2BO5VbQq69g9LK3ZCak%2F%2BgCwmpPbbeSTxt3NKDuo3tcozqROLQbeEHIwhe2Ok%2BR6y9VOQxR5Y9ikk%2F5nMPFlCEm8tW6UheTntXcoxZHcMJYag1kFeHekg7zrIUwcxP6wzz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfaGyNIhmBqCmQ2kZgOrcgiTP4RdKWG5A5tNiHN9A31eohAEhSUoKEEhCYqMoOiX21xZ35Z3ubJ55B1n%2Fzg3y5HOept0W2c9kZDN9Ig8U83FOffVn1gVh3XRClpu5HVYGLaalAnfDSnvtGe7PGz7TebCyhLSnpq2ui4n5MKbXyOVE3LmyjlEdA9W7YHJi6C5B1qMQt8FXRm12i7Wk3uR0oO1Rmo0uC6RZjVka86mOiLPT5dz4ZcWBNu%2F%2FPjsG%2Bno17NgpkRqSnwiHxH01J3RDV2QrRu6sOT75TSTsVyn1eJuZjQTp%2B%2B%2FK9YKbfjivB3ee4tVRAV33xc2W6IJl0nPkm%2FmJOfCLGjDBPlx0X4gomu5XZnLTZKnS9feXliMUyOslToZg8qD5b%2FA5ITULj43%2FZFPH7wKacYweYk43yfHAan3wNIN2HT%2F8v0Xds94L%2F0Oq0%2FDqBNNlJ5GkZcj40cnj0oSKHFS06iE%2FU8dneBNewc944Nmt5HEJfqmRF%2BVoGoIm58dZanZv%2FzTF1V8iUjVRpEyta1IGfX5hLxY%2B6i6bk2HXKHrsPKwHjabLg06s14YUhFGLb%2FdDTxOqd8K%2FCCgTWR2wjo%2FPPwbAAD%2F%2FwEAAP%2F%2FSEa4cWsEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash 212b1fe154b3e10201dc3ddedd8dc5c2
dd4d20b6773633c294dd2d41110a4baad95cebbc
cbf2dc4db35e6a8b44c5509f4b4e7607c109f9740d609ea5d5fe0aa8c240d852
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3p3DsrKCuhdBlkFYUZFJd8%2Bke8ZFF2PMEoyb%2FXFRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dD5Jtm4axA9i8syWVgkIGYukoO5e1YWj9JjMPqg6n2vvu%2Fwvffqs838iLjI6eH8e3pdKkVnZhtu%2FeUPPe9SfUkm%2BaA%2BaAcfB61LddN%2FvRM03FfqVwRb1TO%2B67mu53r1BWlEVw9mKhIy3e14jY7baPkNb7aFgfl%2FbXMHljrg%2FSPyLCSf1B455yHZGEn83bywq5lOX3snzhXNtEGf79xKVhNdJIhPYNc46CY7x2poe7DwADrZntqF7v8rjOSEOI8fIEp2jk0i6m9NfUYKIkHEn0LRH0OoMSQdg%2BnbkPyAAIzj6jKS%2BO5VbQq69g9LK3ZCak%2F%2BgCwmpPbbeSTxt3NKDuo3tcozqROLQbeEHIwhe2Ok%2BR6y9VOQxR5Y9ikk%2F5nMPFlCEm8tW6UheTntXcoxZHcMJYag1kFeHekg7zrIUwcxP6wzz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfaGyNIhmBqCmQ2kZgOrcgiTP4RdKWG5A5tNiHN9A31eohAEhSUoKEEhCYqMoOiX21xZ35Z3ubJ55B1n%2Fzg3y5HOept0W2c9kZDN9Ig8U83FOffVn1gVh3XRClpu5HVYGLaalAnfDSnvtGe7PGz7TebCyhLSnpq2ui4n5MKbXyOVE3LmyjlEdA9W7YHJi6C5B1qMQt8FXRm12i7Wk3uR0oO1Rmo0uC6RZjVka86mOiLPT5dz4ZcWBNu%2F%2FPjsG%2Bno17NgpkRqSnwiHxH01J3RDV2QrRu6sOT75TSTsVyn1eJuZjQTp%2B%2B%2FK9YKbfjivB3ee4tVRAV33xc2W6IJl0nPkm%2FmJOfCLGjDBPlx0X4gomu5XZnLTZKnS9feXliMUyOslToZg8qD5b%2FA5ITULj43%2FZFPH7wKacYweYk43yfHAan3wNIN2HT%2F8v0Xds94L%2F0Oq0%2FDqBNNlJ5GkZcj40cnj0oSKHFS06iE%2FU8dneBNewc944Nmt5HEJfqmRF%2BVoGoIm58dZanZv%2FzTF1V8iUjVRpEyta1IGfX5hLxY%2B6i6bk2HXKHrsPKwHjabLg06s14YUhFGLb%2FdDTxOqd8K%2FCCgTWR2wjo%2FPPwbAAD%2F%2FwEAAP%2F%2FSEa4cWsEAAA%3D HTTP/1.1
Host: familiarkindlyshuffle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Cookie: u_pl=17669364; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlece4640b19c7743ace207ad985fd7823c0=[2229337,2229333,2019380,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e655d170eadc1183218ba21afcb3b994
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9200 OK 25 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type Applesoft BASIC program data, first line number 17\012- data
Hash 25d3e17406532f77196145a426213cd3
3cc1196eea41e85530e31ccf467f0ae04e384b26
69d089c54ec5349d675d32f1f69bfbb21cd9a58d03fd3358649d72b9e9e1354a
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Tue, 04 Oct 2022 16:26:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3Dj%2FxY8GMvXpZBWFCQSXfPpHvGRRdjzBKMm%2F1wUU9SXVUzKVPd1VR1T09yCi7IHufgRfHQeSbZuLqInsVlmSwsEhQzF8nB%2FAeelMWj9Gxw9IWq933reQ7P%2B7z1yU5%2BQlzk9HjpHb0llaLzCw23%2FtL7nnepviqTfFAftIMPg9aluum%2F2gka7sv1K4Jt6Hnf9VzXc736sjSiqwfzFQiZ3u94jY7baPkNb6GFgflvb3MHljrg%2FRPyHCSf1B455yHZGEn87ZKwG5lOX3krzhXNtEGf799KNhJdJIhnZdc46Cb7p2xoe7T8ADrZm8qF7v9DjOSEOI8fIEr2T0Ui6u9OdUYKIkHE%2F4%2BiP4ZQY0g6BtO3IfkRARjH1TUk8d2r2hR08ylKK3RCak%2F%2BgCwmpPbbeSTxN4tKDuo3tcozqROLQbeEHIwhe2Ok%2BQGyrTOQxQFY9jEk%2F5nMP1lFEu%2BuWaUheTmdXcoxZHcMJYag1kFeHekg7zrIUwcxP64zz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfKGyNIhmBqCmW2kZhsbcgiTP4RdL2G5A5tNiHN9G31eohAEhSUoKEEhCYqMoOiXe1xZ35Z3ubJ55J1m%2FzQ3y5HOejt0T2c9kZCd9IQ8W%2FninPviT2yI47poBS038josDFtNyoTvhpR32gtdHrb9JnNhZQlpz0xH3ZITcuH1L5HKCfnflXOI6AGsOgCTF0FzD7QYhb4Luj5qtV1sJfcipQebjdRocF0izWrINp0ddUJemC7nxdp1CHZ4%2BfHca%2Bno1zkwUyI1JT6Sjwh66s7ohi7I7g1dWPLdWprJWG7RanE3M5qJs1%2B9LTYLbfjKkh3ee4NVQFXef1fYbJUmXCY9S75elJwLs6wNE%2BSHFfueiK7ldn0xN0merl57c3klTo2wVupkDCqP1v4CkxNSu%2Fj89Ec%2B89PvkGYMk5eI80NyGpD6ACzdhk1n6q0%2BC6NmnCitocjLkfGj2aOSBErMehqVsP%2Fqo1m9Y%2B%2BgZ3zQ7DaSuETflOirElQNYfO5UZaaw8s%2FflbF54hUbRQpU9uNlFGfVtZ%2BUF23JuTCL62nTlt5XA%2BbTZcGnQUvDKkIo5bf7gYep9RvBX4Q0CYyO2Gd7x%2F%2BDQAA%2F%2F8BAAD%2F%2F%2Fzn1HprBAAA
192.243.61.225200 OK 447 B URL HTTP/1.1 familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3Dj%2FxY8GMvXpZBWFCQSXfPpHvGRRdjzBKMm%2F1wUU9SXVUzKVPd1VR1T09yCi7IHufgRfHQeSbZuLqInsVlmSwsEhQzF8nB%2FAeelMWj9Gxw9IWq933reQ7P%2B7z1yU5%2BQlzk9HjpHb0llaLzCw23%2FtL7nnepviqTfFAftIMPg9aluum%2F2gka7sv1K4Jt6Hnf9VzXc736sjSiqwfzFQiZ3u94jY7baPkNb6GFgflvb3MHljrg%2FRPyHCSf1B455yHZGEn87ZKwG5lOX3krzhXNtEGf799KNhJdJIhnZdc46Cb7p2xoe7T8ADrZm8qF7v9DjOSEOI8fIEr2T0Ui6u9OdUYKIkHE%2F4%2BiP4ZQY0g6BtO3IfkRARjH1TUk8d2r2hR08ylKK3RCak%2F%2BgCwmpPbbeSTxN4tKDuo3tcozqROLQbeEHIwhe2Ok%2BQGyrTOQxQFY9jEk%2F5nMP1lFEu%2BuWaUheTmdXcoxZHcMJYag1kFeHekg7zrIUwcxP64zz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfKGyNIhmBqCmW2kZhsbcgiTP4RdL2G5A5tNiHN9G31eohAEhSUoKEEhCYqMoOiXe1xZ35Z3ubJ55J1m%2FzQ3y5HOejt0T2c9kZCd9IQ8W%2FninPviT2yI47poBS038josDFtNyoTvhpR32gtdHrb9JnNhZQlpz0xH3ZITcuH1L5HKCfnflXOI6AGsOgCTF0FzD7QYhb4Luj5qtV1sJfcipQebjdRocF0izWrINp0ddUJemC7nxdp1CHZ4%2BfHca%2Bno1zkwUyI1JT6Sjwh66s7ohi7I7g1dWPLdWprJWG7RanE3M5qJs1%2B9LTYLbfjKkh3ee4NVQFXef1fYbJUmXCY9S75elJwLs6wNE%2BSHFfueiK7ldn0xN0merl57c3klTo2wVupkDCqP1v4CkxNSu%2Fj89Ec%2B89PvkGYMk5eI80NyGpD6ACzdhk1n6q0%2BC6NmnCitocjLkfGj2aOSBErMehqVsP%2Fqo1m9Y%2B%2BgZ3zQ7DaSuETflOirElQNYfO5UZaaw8s%2FflbF54hUbRQpU9uNlFGfVtZ%2BUF23JuTCL62nTlt5XA%2BbTZcGnQUvDKkIo5bf7gYep9RvBX4Q0CYyO2Gd7x%2F%2BDQAA%2F%2F8BAAD%2F%2F%2Fzn1HprBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash 341712e083070545bb43a93ad53055dd
eebb4da63fbcffb97ee1a4e048ab1311889415e8
0837aa695e0fcfa1303b04c0a5254c64da4b2b44c619dba2bcf82d764aae545d
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3Dj%2FxY8GMvXpZBWFCQSXfPpHvGRRdjzBKMm%2F1wUU9SXVUzKVPd1VR1T09yCi7IHufgRfHQeSbZuLqInsVlmSwsEhQzF8nB%2FAeelMWj9Gxw9IWq933reQ7P%2B7z1yU5%2BQlzk9HjpHb0llaLzCw23%2FtL7nnepviqTfFAftIMPg9aluum%2F2gka7sv1K4Jt6Hnf9VzXc736sjSiqwfzFQiZ3u94jY7baPkNb6GFgflvb3MHljrg%2FRPyHCSf1B455yHZGEn87ZKwG5lOX3krzhXNtEGf799KNhJdJIhnZdc46Cb7p2xoe7T8ADrZm8qF7v9DjOSEOI8fIEr2T0Ui6u9OdUYKIkHE%2F4%2BiP4ZQY0g6BtO3IfkRARjH1TUk8d2r2hR08ylKK3RCak%2F%2BgCwmpPbbeSTxN4tKDuo3tcozqROLQbeEHIwhe2Ok%2BQGyrTOQxQFY9jEk%2F5nMP1lFEu%2BuWaUheTmdXcoxZHcMJYag1kFeHekg7zrIUwcxP64zz%2FNClzPqtjuMNXkoooC7Hg27HvXcoI2cVfKGyNIhmBqCmW2kZhsbcgiTP4RdL2G5A5tNiHN9G31eohAEhSUoKEEhCYqMoOiXe1xZ35Z3ubJ55J1m%2FzQ3y5HOejt0T2c9kZCd9IQ8W%2FninPviT2yI47poBS038josDFtNyoTvhpR32gtdHrb9JnNhZQlpz0xH3ZITcuH1L5HKCfnflXOI6AGsOgCTF0FzD7QYhb4Luj5qtV1sJfcipQebjdRocF0izWrINp0ddUJemC7nxdp1CHZ4%2BfHca%2Bno1zkwUyI1JT6Sjwh66s7ohi7I7g1dWPLdWprJWG7RanE3M5qJs1%2B9LTYLbfjKkh3ee4NVQFXef1fYbJUmXCY9S75elJwLs6wNE%2BSHFfueiK7ldn0xN0merl57c3klTo2wVupkDCqP1v4CkxNSu%2Fj89Ec%2B89PvkGYMk5eI80NyGpD6ACzdhk1n6q0%2BC6NmnCitocjLkfGj2aOSBErMehqVsP%2Fqo1m9Y%2B%2BgZ3zQ7DaSuETflOirElQNYfO5UZaaw8s%2FflbF54hUbRQpU9uNlFGfVtZ%2BUF23JuTCL62nTlt5XA%2BbTZcGnQUvDKkIo5bf7gYep9RvBX4Q0CYyO2Gd7x%2F%2BDQAA%2F%2F8BAAD%2F%2F%2Fzn1HprBAAA HTTP/1.1
Host: familiarkindlyshuffle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Cookie: u_pl=17669364; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlece4640b19c7743ace207ad985fd7823c0=[2229337,2229333,2019380,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c956ccb8aa11ac673d1a682e8d615f6
Strict-Transport-Security: max-age=0; includeSubdomains
familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dB5k2xcXUTP4rJMFhYJipmL5GD%2BBC%2FK4lF6DI5%2B0Hzv6%2FcO73tffbKTnxAXOT1eekdvSaXo%2FELDrb%2F0vuddqq%2FKJB%2FUB%2B3gw6B1qW76r3aChvty%2FYpgG3redz3X9VyvviyN6OrBfEVCpvc7XqPjNlp%2Bw1toYWD%2BP9vcgaUOeP%2BEPAfJJ7VHznlINkYSf7sk7Eam01feinNFM23Q5%2Fu3ko1EFwniGewaB91k%2F1QNbY%2BWH0Ane1O70P1%2FhZGcEOfxA0TJ%2FqlJRP3dqc9IQSSI%2BNMo%2BmMINYakYzB9G5IfEYBxXF1DEt%2B9qk1BN%2F9hacVOSO3JH5DFhNR%2BO48k%2FmZRyUH9plZ5JnViMeiWkIMxZG%2BMND9AtnUGsjgAyz6G5D%2BT%2BSerSOLdNas0JC%2Bnu0s5huyOocQQ1DrIq086yLsO8tRBzI%2FrzPO80OWMuu0OY00eiijgrkfDrkc9N2gjZ5W9IbJ0CKaGYGYbqdnGhhzC5A9h10tY7sBmE%2BJc30aflygEQWEJCkpQSIIiIyj65R5X1rflXa5sHnmn3T%2FtzXKks94O3dNZTyRkJz0hz1a5OOe%2B%2BBMb4rguWkHLjbwOC8NWkzLhuyHlnfZCl4dtv8lcWFlC2jPTVbfkhFx4%2FUukckKeunIOET2AVQdg8iJo7oEWo9B3QddHrbaLreRepPRgs5EaDa5LpFkN2aazo07IC9PjvFi7BcEOLz%2Beey0d%2FToHZkqkpsRH8hFBT90Z3dAF2b2hC0u%2BW0szGcstWh3uZkYzcfart8VmoQ1fWbLDe2%2Bwiqjg%2FXeFzVZpwmXSs%2BTrRcm5MMvaMEF%2BWLHviehabtcXc5Pk6eq1N5dX4tQIa6VOxqDyaO0vMDkhtYvPT1%2FkMz%2F9DmnGMHmJOD8kpwWpD8DSbdh05t7qszBqponSMyjycmT8aPZTSQIlZjONStj%2FzNEM79g76BkfNLuNJC7RNyX6qgRVQ9h8bpSl5vDyj59V9TkiVRtFytR2I2XUp1W0H0zznZALv7QqdB1WHtfDZtOlQWfBC0Mqwqjlt7uBxyn1W4EfBLSJzE5Y5%2FuHfwMAAP%2F%2FAQAA%2F%2F9AKoAIawQAAA%3D%3D
192.243.61.225200 OK 23 kB URL HTTP/1.1 familiarkindlyshuffle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dB5k2xcXUTP4rJMFhYJipmL5GD%2BBC%2FK4lF6DI5%2B0Hzv6%2FcO73tffbKTnxAXOT1eekdvSaXo%2FELDrb%2F0vuddqq%2FKJB%2FUB%2B3gw6B1qW76r3aChvty%2FYpgG3redz3X9VyvviyN6OrBfEVCpvc7XqPjNlp%2Bw1toYWD%2BP9vcgaUOeP%2BEPAfJJ7VHznlINkYSf7sk7Eam01feinNFM23Q5%2Fu3ko1EFwniGewaB91k%2F1QNbY%2BWH0Ane1O70P1%2FhZGcEOfxA0TJ%2FqlJRP3dqc9IQSSI%2BNMo%2BmMINYakYzB9G5IfEYBxXF1DEt%2B9qk1BN%2F9hacVOSO3JH5DFhNR%2BO48k%2FmZRyUH9plZ5JnViMeiWkIMxZG%2BMND9AtnUGsjgAyz6G5D%2BT%2BSerSOLdNas0JC%2Bnu0s5huyOocQQ1DrIq086yLsO8tRBzI%2FrzPO80OWMuu0OY00eiijgrkfDrkc9N2gjZ5W9IbJ0CKaGYGYbqdnGhhzC5A9h10tY7sBmE%2BJc30aflygEQWEJCkpQSIIiIyj65R5X1rflXa5sHnmn3T%2FtzXKks94O3dNZTyRkJz0hz1a5OOe%2B%2BBMb4rguWkHLjbwOC8NWkzLhuyHlnfZCl4dtv8lcWFlC2jPTVbfkhFx4%2FUukckKeunIOET2AVQdg8iJo7oEWo9B3QddHrbaLreRepPRgs5EaDa5LpFkN2aazo07IC9PjvFi7BcEOLz%2Beey0d%2FToHZkqkpsRH8hFBT90Z3dAF2b2hC0u%2BW0szGcstWh3uZkYzcfart8VmoQ1fWbLDe2%2Bwiqjg%2FXeFzVZpwmXSs%2BTrRcm5MMvaMEF%2BWLHviehabtcXc5Pk6eq1N5dX4tQIa6VOxqDyaO0vMDkhtYvPT1%2FkMz%2F9DmnGMHmJOD8kpwWpD8DSbdh05t7qszBqponSMyjycmT8aPZTSQIlZjONStj%2FzNEM79g76BkfNLuNJC7RNyX6qgRVQ9h8bpSl5vDyj59V9TkiVRtFytR2I2XUp1W0H0zznZALv7QqdB1WHtfDZtOlQWfBC0Mqwqjlt7uBxyn1W4EfBLSJzE5Y5%2FuHfwMAAP%2F%2FAQAA%2F%2F9AKoAIawQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash fbe12035b9a105e0fd6c45782bf3c9b6
943b6130b83ac1bba8c0b1c855b3ca0fcf8534e0
b1ad79e2b93805742336dab65020dcf970ec966a9237888089c85424a5da39de
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3p2DRBb8sRcvyyAsKMiku2fSPeOiizFmCcbN%2FnBRT1JdVTMpU93VVHVPT3IKLsge5%2BBF8dB5k2xcXUTP4rJMFhYJipmL5GD%2BBC%2FK4lF6DI5%2B0Hzv6%2FcO73tffbKTnxAXOT1eekdvSaXo%2FELDrb%2F0vuddqq%2FKJB%2FUB%2B3gw6B1qW76r3aChvty%2FYpgG3redz3X9VyvviyN6OrBfEVCpvc7XqPjNlp%2Bw1toYWD%2BP9vcgaUOeP%2BEPAfJJ7VHznlINkYSf7sk7Eam01feinNFM23Q5%2Fu3ko1EFwniGewaB91k%2F1QNbY%2BWH0Ane1O70P1%2FhZGcEOfxA0TJ%2FqlJRP3dqc9IQSSI%2BNMo%2BmMINYakYzB9G5IfEYBxXF1DEt%2B9qk1BN%2F9hacVOSO3JH5DFhNR%2BO48k%2FmZRyUH9plZ5JnViMeiWkIMxZG%2BMND9AtnUGsjgAyz6G5D%2BT%2BSerSOLdNas0JC%2Bnu0s5huyOocQQ1DrIq086yLsO8tRBzI%2FrzPO80OWMuu0OY00eiijgrkfDrkc9N2gjZ5W9IbJ0CKaGYGYbqdnGhhzC5A9h10tY7sBmE%2BJc30aflygEQWEJCkpQSIIiIyj65R5X1rflXa5sHnmn3T%2FtzXKks94O3dNZTyRkJz0hz1a5OOe%2B%2BBMb4rguWkHLjbwOC8NWkzLhuyHlnfZCl4dtv8lcWFlC2jPTVbfkhFx4%2FUukckKeunIOET2AVQdg8iJo7oEWo9B3QddHrbaLreRepPRgs5EaDa5LpFkN2aazo07IC9PjvFi7BcEOLz%2Beey0d%2FToHZkqkpsRH8hFBT90Z3dAF2b2hC0u%2BW0szGcstWh3uZkYzcfart8VmoQ1fWbLDe2%2Bwiqjg%2FXeFzVZpwmXSs%2BTrRcm5MMvaMEF%2BWLHviehabtcXc5Pk6eq1N5dX4tQIa6VOxqDyaO0vMDkhtYvPT1%2FkMz%2F9DmnGMHmJOD8kpwWpD8DSbdh05t7qszBqponSMyjycmT8aPZTSQIlZjONStj%2FzNEM79g76BkfNLuNJC7RNyX6qgRVQ9h8bpSl5vDyj59V9TkiVRtFytR2I2XUp1W0H0zznZALv7QqdB1WHtfDZtOlQWfBC0Mqwqjlt7uBxyn1W4EfBLSJzE5Y5%2FuHfwMAAP%2F%2FAQAA%2F%2F9AKoAIawQAAA%3D%3D HTTP/1.1
Host: familiarkindlyshuffle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Cookie: u_pl=17669364; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlece4640b19c7743ace207ad985fd7823c0=[2229337,2229333,2019380,2229329]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:26:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d8a6526d45e56b5c3355c6d9c931ee1
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fba34f0dbfc897ab3e60882b380fa7b0
1a12761b7c0daf4189543d7ca04a2034d6720226
a72242124d90bb1a7aad3c92fa86450516244d5a7b69eb8058aa457c4ec32b3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 02 Oct 2022 16:26:41 GMT
expires: Sun, 02 Oct 2022 16:26:41 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 14:14:54 GMT
expires: Sun, 01 Oct 2023 14:14:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 94307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb7f2392dd816131e0001a76cb54e19
6416c2a788f016ff94f0a10616e443e47890e97f
517337577ada3f7f9e3da9c42ce722b5a760721d59a0404afdb2810fe252245e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e909f9a5431e2fe00d0541823fb031e9
7d0f9426fe21ef3ebf7c2c2fbc265ea4e4beddc2
4661924947ff874451664ef4ad572a00e9defe824b62a2ae04f9e565ba96e0d8
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 02 Oct 2022 16:26:41 GMT
date: Sun, 02 Oct 2022 16:26:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-Jv08ziBRgVuGS77xQQRc1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e251a53-c5b8-4c0a-b486-8ef8a6fd4d77.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e251a53-c5b8-4c0a-b486-8ef8a6fd4d77.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6299d2938a1195b694844a0556a569b3
82123a6c3e74a7ff90b5db0cb8a333a64cefe71c
b65f713b3c94586b0d09a04b6873004d8cdfe6a13d364863fc1a6cd2d1ceac83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e251a53-c5b8-4c0a-b486-8ef8a6fd4d77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5503
x-amzn-requestid: e5e2b912-6deb-4736-b455-c9e37e1701ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgdHE-oAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cf-12a1f95320eadd1105daba75;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zHzIjHe7MqjqSn1ejlTA-tD_gJBAizq91U3sI_prwcx7Vx4ai4B0DQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:26 GMT
etag: "82123a6c3e74a7ff90b5db0cb8a333a64cefe71c"
content-type: image/jpeg
age: 67098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:39 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0ebf8ffab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700
IP 142.250.74.10:0
GET /css?family=Quicksand%3A400%2C500%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:26:36 GMT
date: Sun, 02 Oct 2022 16:26:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700%2C600
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700%2C600
IP 142.250.74.10:0
GET /css?family=Quicksand%3A400%2C500%2C700%2C600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:26:36 GMT
date: Sun, 02 Oct 2022 16:26:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bloxy.pro/site-inc/js/wp-embed.min.js?ver=5.1.6
198.251.89.164200 OK 0 B URL HTTP/2 bloxy.pro/site-inc/js/wp-embed.min.js?ver=5.1.6
IP 198.251.89.164:0
GET /site-inc/js/wp-embed.min.js?ver=5.1.6 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: must-revalidate
last-modified: Tue, 23 Aug 2022 09:03:22 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:39 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0ecf9bfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bloxy.pro/
198.251.89.164200 OK 0 B IP 198.251.89.164:0
GET / HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-powered-by: SitePad
link: <https://bloxy.pro/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
embed.tawk.to/6337495954f06e12d897cb9f/1ge7vd1os
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/6337495954f06e12d897cb9f/1ge7vd1os
IP 172.67.38.66:0
GET /6337495954f06e12d897cb9f/1ge7vd1os HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:37 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753eccfc98fefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bloxy.pro/site-inc/js/jquery/jquery.js?ver=1.12.4
198.251.89.164200 OK 0 B URL HTTP/2 bloxy.pro/site-inc/js/jquery/jquery.js?ver=1.12.4
IP 198.251.89.164:0
GET /site-inc/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: must-revalidate
last-modified: Tue, 23 Aug 2022 09:03:22 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:39 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0edfaffab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0ecf98fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bloxy.pro
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:26:40 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 753ecd0ecf99fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bloxy.pro/site-inc/js/jquery/jquery-migrate.min.js?ver=1.4.1
198.251.89.164200 OK 0 B URL HTTP/2 bloxy.pro/site-inc/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 198.251.89.164:0
GET /site-inc/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: bloxy.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: must-revalidate
last-modified: Tue, 23 Aug 2022 09:03:22 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
date: Sun, 02 Oct 2022 16:26:36 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700&ver=1.7.0
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Quicksand%3A400%2C500%2C700&ver=1.7.0
IP 142.250.74.10:0
GET /css?family=Quicksand%3A400%2C500%2C700&ver=1.7.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bloxy.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:26:36 GMT
date: Sun, 02 Oct 2022 16:26:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2