ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash edb0c213685c28c266c093ac59c369b0
e0841c1928ee05cb6b2e1394c51ee33b51095d06
0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
216.58.207.193200 OK 57 kB URL User Request GET HTTP/2 mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
IP 216.58.207.193:443
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1443)
Hash 8cb1624a35f6aef6aceb4caded6ecbd8
5bde711be43131c53f33b122effb640ea38ddc48
a1699fe3a782ae869c6a73d8ca703958ad7355225b3eb7a164aaa28bc1ceae0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2012/03/damages-season-2-rmvb-download_29.html HTTP/1.1
Host: mediafiremoviesheavens3.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 26 Sep 2023 08:46:21 GMT
date: Tue, 26 Sep 2023 08:46:21 GMT
cache-control: private, max-age=0
last-modified: Fri, 22 Sep 2023 07:24:35 GMT
etag: W/"7b7f701e2244200ba82344338a2a9a7e8ff05fd94b4ae497e6e7d307d8ae1441"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 56868
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash edb0c213685c28c266c093ac59c369b0
e0841c1928ee05cb6b2e1394c51ee33b51095d06
0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mediafiremoviesheavens3.blogspot.com/js/cookienotice.js
216.58.207.193200 OK 2.0 kB URL GET HTTP/3 mediafiremoviesheavens3.blogspot.com/js/cookienotice.js
IP 216.58.207.193:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: mediafiremoviesheavens3.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 23:41:37 GMT
expires: Fri, 29 Sep 2023 23:41:37 GMT
cache-control: public, max-age=604800
last-modified: Fri, 22 Sep 2023 17:57:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 291884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (30596)
Hash e3f09df1bc175f411d1ec3dfb5afb17b
3994ec3efe3c2447e7bbfdd97bb7e190dd1658f9
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 11:21:39 GMT
expires: Fri, 20 Sep 2024 11:21:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Sep 2023 07:52:40 GMT
content-type: text/css
vary: Accept-Encoding
age: 422683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash 476eb0019c23b3142ba7995c52c66cf2
c242c01db30356e39a19f54c092d59b7a364c509
d1b863189e6dbec342904284cfa707d557d127d8bd0d14d2648de916efc504a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/562952797-widgets.js
216.58.207.233200 OK 160 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/562952797-widgets.js
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Size 160 kB (160393 bytes)
Hash 0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c
GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 541472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
216.58.207.202200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 216.58.207.202:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash e85aed5c30d734f1e30646e030d7a817
b8dcaa1c866905c0bdb0b70c8e564ff1c3fe27ad
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30082
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 07:33:38 GMT
expires: Wed, 25 Sep 2024 07:33:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 4364
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 22 kB URL GET HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintB1:CC:B9:00:18:09:CE:C0:F7:B1:3F:29:95:6B:4A:93:CC:9A:19:0A
ValidityMon, 04 Sep 2023 08:23:36 GMT - Mon, 27 Nov 2023 08:23:35 GMT
File type ASCII text, with very long lines (2664)
Hash ce7e88034e2b1226294f3d7e515299c9
326b37908964a9f69460d42cb646716c9f1e86e1
08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21949
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Tue, 26 Sep 2023 08:46:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "22f179323a7dd95a"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-ReE7lAB9IS0/UOI-sEV48qI/AAAAAAAADIA/jfHdNnzxmi8/s1600/feed.gif
142.250.74.161200 OK 14 kB URL GET HTTP/2 3.bp.blogspot.com/-ReE7lAB9IS0/UOI-sEV48qI/AAAAAAAADIA/jfHdNnzxmi8/s1600/feed.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 32 x 32\012- data
Hash d75adab217c099b7725d6247a1295cbe
81fe042fb976dcaeb9d6d7b7e903ae35a6a32cf7
53fb29e0f89f973f693a70c08edcecd420f3612c2ef33aea8d7dca4150527e57
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ReE7lAB9IS0/UOI-sEV48qI/AAAAAAAADIA/jfHdNnzxmi8/s1600/feed.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="feed.gif"
x-content-type-options: nosniff
server: fife
content-length: 14533
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2265"
content-type: image/gif
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/_B05JwwXzC9M/TDPxG85UChI/AAAAAAAAMTc/GglDDtreE0Q/w72-h72-p-k-no-nu/64443505307006192964.png
142.250.74.161200 OK 2.2 kB URL GET HTTP/2 1.bp.blogspot.com/_B05JwwXzC9M/TDPxG85UChI/AAAAAAAAMTc/GglDDtreE0Q/w72-h72-p-k-no-nu/64443505307006192964.png
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash d4f4c131296075720920b8fed28551f0
e185101b29337795b442331c900d5e7e7a295495
3e1c2d977afdf634a1012b5b64d775a108eb36dee27f32c8624db7954083d374
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_B05JwwXzC9M/TDPxG85UChI/AAAAAAAAMTc/GglDDtreE0Q/w72-h72-p-k-no-nu/64443505307006192964.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="64443505307006192964.png"
x-content-type-options: nosniff
server: fife
content-length: 2245
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3137"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-rEaujHRr_U8/TjveU2Zx_YI/AAAAAAAAA2U/9EnA2ICoFCE/s320/damages-season-2-2009-r0-customized-tv-cd-cover-5684.jpg
142.250.74.161404 Not Found 832 B URL GET HTTP/2 1.bp.blogspot.com/-rEaujHRr_U8/TjveU2Zx_YI/AAAAAAAAA2U/9EnA2ICoFCE/s320/damages-season-2-2009-r0-customized-tv-cd-cover-5684.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-rEaujHRr_U8/TjveU2Zx_YI/AAAAAAAAA2U/9EnA2ICoFCE/s320/damages-season-2-2009-r0-customized-tv-cd-cover-5684.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-LxgFP1T4nCE/USjEUxDNWII/AAAAAAAAU-g/xdM_wG2MuvY/w72-h72-p-k-no-nu/zillaghazibad.jpg
142.250.74.161200 OK 4.9 kB URL GET HTTP/2 2.bp.blogspot.com/-LxgFP1T4nCE/USjEUxDNWII/AAAAAAAAU-g/xdM_wG2MuvY/w72-h72-p-k-no-nu/zillaghazibad.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4ff6b8010c48338fb240da4bac496d7f
8ae1b6eee31e0ea24ad64e2aca1e652d05835a4c
8d2d31eedc7c390fbabeec67a54b1bad5a0b0c62b9c3d407af171d6dc9649562
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-LxgFP1T4nCE/USjEUxDNWII/AAAAAAAAU-g/xdM_wG2MuvY/w72-h72-p-k-no-nu/zillaghazibad.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="zillaghazibad.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4885
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v53e8"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
216.58.207.233200 OK 6.8 kB URL GET HTTP/2 www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2165)
Hash 49aad9405434d8887646881ecda8cf64
59bfe11a22024072043b6fc2562ce01b3d4b7344
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
GET /static/v1/jsbin/4235886812-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 02:12:58 GMT
expires: Tue, 24 Sep 2024 02:12:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Sep 2023 00:49:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 110004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-hLO9MT04MnY/URDxPAZVVII/AAAAAAAAE50/EO9WEMgRwKA/w72-h72-p-k-no-nu/IMe-Aur-Main-Poster.jpg
142.250.74.161404 Not Found 1.7 kB URL GET HTTP/2 1.bp.blogspot.com/-hLO9MT04MnY/URDxPAZVVII/AAAAAAAAE50/EO9WEMgRwKA/w72-h72-p-k-no-nu/IMe-Aur-Main-Poster.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-hLO9MT04MnY/URDxPAZVVII/AAAAAAAAE50/EO9WEMgRwKA/w72-h72-p-k-no-nu/IMe-Aur-Main-Poster.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 1b8f63e1630bbd6be040d68e13ca0618
25e70576f8242a2ab15d9b3be6c1081cb99e8f08
2ef98055ba99f5c37c6c55fefcea84202d934059e2581d7d2313eaab25df2f46
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 08:46:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 26 Sep 2023 03:05:02 GMT
Expires: Tue, 03 Oct 2023 03:05:01 GMT
Etag: "25e70576f8242a2ab15d9b3be6c1081cb99e8f08"
Cache-Control: max-age=584984,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80ca3c6d29e1568a-OSL
2.bp.blogspot.com/-ursbyyalHm0/UTuMRFtKtnI/AAAAAAAASxI/11PRnRuqMN0/w72-h72-p-k-no-nu/Saheb,+Biwi+aur+Gangster+Returns+Poster.jpg
142.250.74.161404 Not Found 1.7 kB URL GET HTTP/2 2.bp.blogspot.com/-ursbyyalHm0/UTuMRFtKtnI/AAAAAAAASxI/11PRnRuqMN0/w72-h72-p-k-no-nu/Saheb,+Biwi+aur+Gangster+Returns+Poster.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ursbyyalHm0/UTuMRFtKtnI/AAAAAAAASxI/11PRnRuqMN0/w72-h72-p-k-no-nu/Saheb,+Biwi+aur+Gangster+Returns+Poster.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 1b8f63e1630bbd6be040d68e13ca0618
25e70576f8242a2ab15d9b3be6c1081cb99e8f08
2ef98055ba99f5c37c6c55fefcea84202d934059e2581d7d2313eaab25df2f46
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 08:46:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 26 Sep 2023 03:05:02 GMT
Expires: Tue, 03 Oct 2023 03:05:01 GMT
Etag: "25e70576f8242a2ab15d9b3be6c1081cb99e8f08"
Cache-Control: max-age=584227,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80ca3c6d7a11568a-OSL
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-oyMFvYc0Jjc/UTKKOSUAwkI/AAAAAAAASbI/5YGVw6ophhA/w72-h72-p-k-no-nu/Kai+Po+Che+Poster.jpg
142.250.74.161404 Not Found 1.7 kB URL GET HTTP/2 2.bp.blogspot.com/-oyMFvYc0Jjc/UTKKOSUAwkI/AAAAAAAASbI/5YGVw6ophhA/w72-h72-p-k-no-nu/Kai+Po+Che+Poster.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-oyMFvYc0Jjc/UTKKOSUAwkI/AAAAAAAASbI/5YGVw6ophhA/w72-h72-p-k-no-nu/Kai+Po+Che+Poster.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-GUZ-9oUPLkw/UQtG5Xq-5JI/AAAAAAAAQ7M/qG0uK8EpYOs/w72-h72-p-k-no-nu/Murder-31.jpg
142.250.74.161200 OK 4.6 kB URL GET HTTP/2 1.bp.blogspot.com/-GUZ-9oUPLkw/UQtG5Xq-5JI/AAAAAAAAQ7M/qG0uK8EpYOs/w72-h72-p-k-no-nu/Murder-31.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a97cb444d909d41873a07d631e28fef3
021be5929a567f1050cf13080d0baf47b0ec3963
151ff5577da957a9988d2d4cb395f592db52a62edcda72dfceaa31646e7734de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-GUZ-9oUPLkw/UQtG5Xq-5JI/AAAAAAAAQ7M/qG0uK8EpYOs/w72-h72-p-k-no-nu/Murder-31.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Murder-31.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4592
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4a08"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-xAWVh2q5VGA/UTQ-kQEV14I/AAAAAAAAR0Q/wFrP5WTgELw/w72-h72-p-k-no-nu/the-attacks-of-26-11_13602985390.jpg
142.250.74.161200 OK 4.2 kB URL GET HTTP/2 4.bp.blogspot.com/-xAWVh2q5VGA/UTQ-kQEV14I/AAAAAAAAR0Q/wFrP5WTgELw/w72-h72-p-k-no-nu/the-attacks-of-26-11_13602985390.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 47e1cf50e6cd2131b264ed02a184819c
94b374693d9fe8cd42a3f0143e18a753fa0902db
9a0c117560ad32bc54130e2360166e0815f7ccb5de8a8539ea9453bf5e3b0f3d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-xAWVh2q5VGA/UTQ-kQEV14I/AAAAAAAAR0Q/wFrP5WTgELw/w72-h72-p-k-no-nu/the-attacks-of-26-11_13602985390.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v4745"
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="the-attacks-of-26-11_13602985390.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 4179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.supercounters.com/map.js
172.104.29.90200 OK 4.2 kB URL GET HTTP/1.1 widget.supercounters.com/map.js
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 21a58869d59ef039ba2e418f8b56615d
8f9154fc5f3f7464f1bf47f0394923f49cc982fd
abc0a986e3d9a910fd6dd72e97ce1dfd2a92e97e805a95ea449d0816115b3870
GET /map.js HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:22 GMT
Content-Type: application/javascript
Content-Length: 4153
Last-Modified: Thu, 21 Jun 2018 08:31:27 GMT
Connection: keep-alive
ETag: "5b2b625f-1039"
Expires: Tue, 26 Sep 2023 08:56:22 GMT
Cache-Control: max-age=600
Accept-Ranges: bytes
4.bp.blogspot.com/-xhs4UlHrNXU/UTPsu1iQHQI/AAAAAAAASco/Oi7MweuS6MQ/w72-h72-p-k-no-nu/I,+Me+aur+Main+Poster.jpg
142.250.74.161404 Not Found 1.7 kB URL GET HTTP/2 4.bp.blogspot.com/-xhs4UlHrNXU/UTPsu1iQHQI/AAAAAAAASco/Oi7MweuS6MQ/w72-h72-p-k-no-nu/I,+Me+aur+Main+Poster.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-xhs4UlHrNXU/UTPsu1iQHQI/AAAAAAAASco/Oi7MweuS6MQ/w72-h72-p-k-no-nu/I,+Me+aur+Main+Poster.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 12 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 12276, version 1.0\012- data
Hash 964d69dfad99321462c6e739d5f71072
ab289c874c8a211c17b539f1161aec43e853c4a5
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediafiremoviesheavens3.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 04:06:50 GMT
expires: Wed, 25 Sep 2024 04:06:50 GMT
cache-control: public, max-age=31536000
age: 16772
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-_xeLHeThTg8/USk9sFd6D5I/AAAAAAAASLE/GYk7ijIuLZQ/w72-h72-p-k-no-nu/Jayantabhai+Ki+Luv+Story+Poster.jpg
142.250.74.161404 Not Found 1.7 kB URL GET HTTP/2 4.bp.blogspot.com/-_xeLHeThTg8/USk9sFd6D5I/AAAAAAAASLE/GYk7ijIuLZQ/w72-h72-p-k-no-nu/Jayantabhai+Ki+Luv+Story+Poster.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-_xeLHeThTg8/USk9sFd6D5I/AAAAAAAASLE/GYk7ijIuLZQ/w72-h72-p-k-no-nu/Jayantabhai+Ki+Luv+Story+Poster.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.supercounters.com/flag.js
172.104.29.90200 OK 14 kB URL GET HTTP/1.1 widget.supercounters.com/flag.js
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (2641), with CRLF line terminators
Hash b4f4776a89638bf8304ddb2cd2cd5967
6be9550ff0b6c2be5dedf217aa759910803dea5d
274b400feae923e3dfb563a75ebfb9b0d07022b96565a6713a5e0871517f7861
GET /flag.js HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:22 GMT
Content-Type: application/javascript
Content-Length: 13491
Last-Modified: Mon, 04 Jul 2022 08:19:22 GMT
Connection: keep-alive
ETag: "62c2a28a-34b3"
Expires: Tue, 26 Sep 2023 08:56:22 GMT
Cache-Control: max-age=600
Accept-Ranges: bytes
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1u2JAxDAhPzG-aWjM8BYhFsNtSvyftiCci4uVQ8J2VnTkQFMmlIP_typDdfbXS6klBN7DsFrkvv2jAQTDhdxcLDbHW4gvnVJ-icESKINZdvaUKZaRoWeGTX2x9p25aafUJ9L4Xek4FKbGkmfKk8UqBr68jCIj330-tBBEzqq1w=s0-d
142.250.74.97200 OK 53 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1u2JAxDAhPzG-aWjM8BYhFsNtSvyftiCci4uVQ8J2VnTkQFMmlIP_typDdfbXS6klBN7DsFrkvv2jAQTDhdxcLDbHW4gvnVJ-icESKINZdvaUKZaRoWeGTX2x9p25aafUJ9L4Xek4FKbGkmfKk8UqBr68jCIj330-tBBEzqq1w=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x510, components 3\012- data
Hash 09b321eeae8612076efb71ca0a9e8850
6b1e1533f814c8061ce64f485069efd80ca03d30
51c2e36ca7f850cb1ff58bfbe6a54197144039686b347c3f469713c6bf988ade
GET /blogger_img_proxy/ALY8t1u2JAxDAhPzG-aWjM8BYhFsNtSvyftiCci4uVQ8J2VnTkQFMmlIP_typDdfbXS6klBN7DsFrkvv2jAQTDhdxcLDbHW4gvnVJ-icESKINZdvaUKZaRoWeGTX2x9p25aafUJ9L4Xek4FKbGkmfKk8UqBr68jCIj330-tBBEzqq1w=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 52909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tZjKA039Z2DyrWxW4aB04qMA_5TW0vzJWvBPXvCx7lonFKUHTvLioEEVAp9I--mLZJq-gMxlNzzBJTAo_cSHBpLJ87wKpm3BMGfvyw-VFG3xNI8OkdLNnUisOPSpaxIAk=s0-d
142.250.74.97200 OK 16 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tZjKA039Z2DyrWxW4aB04qMA_5TW0vzJWvBPXvCx7lonFKUHTvLioEEVAp9I--mLZJq-gMxlNzzBJTAo_cSHBpLJ87wKpm3BMGfvyw-VFG3xNI8OkdLNnUisOPSpaxIAk=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 228x267, components 3\012- data
Hash 0e6d3d38a003470b7c5db07ef755ee50
6f3d7025aa921bfb7d3c9044eb836f53e95d39a3
a30174bd7a3341e86a724f57f4b2353f561eb2966b7875f82ec2ddefbd09447e
GET /blogger_img_proxy/ALY8t1tZjKA039Z2DyrWxW4aB04qMA_5TW0vzJWvBPXvCx7lonFKUHTvLioEEVAp9I--mLZJq-gMxlNzzBJTAo_cSHBpLJ87wKpm3BMGfvyw-VFG3xNI8OkdLNnUisOPSpaxIAk=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:22 GMT
server: fife
content-length: 16390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-oLB4_5OtwQs/Ts4PnM4VKAI/AAAAAAAAE7M/8O7ciJI-IBM/w72-h72-p-k-no-nu/Www.ChillnMasti.BlogSpot.Com.jpg
142.250.74.161200 OK 5.2 kB URL GET HTTP/2 1.bp.blogspot.com/-oLB4_5OtwQs/Ts4PnM4VKAI/AAAAAAAAE7M/8O7ciJI-IBM/w72-h72-p-k-no-nu/Www.ChillnMasti.BlogSpot.Com.jpg
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7e0c5ff967de7105de8889e3a4f3184d
9c55338ebc599b8324b1d0bb9f47703b81bb9021
5f3a53db6879dc865f32d0dbe5af3a2b0d5b98df34919f890bd541e9c345a435
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-oLB4_5OtwQs/Ts4PnM4VKAI/AAAAAAAAE7M/8O7ciJI-IBM/w72-h72-p-k-no-nu/Www.ChillnMasti.BlogSpot.Com.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Www.ChillnMasti.BlogSpot.Com.jpg"
x-content-type-options: nosniff
server: fife
content-length: 5179
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:22 GMT
expires: Wed, 27 Sep 2023 08:46:22 GMT
cache-control: public, max-age=86400, no-transform
etag: "v13b3"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash 86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 61 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (1503)
Hash 76cf20f34e61bb4ebd83ecf652268483
ff6c80fb175d247f11cceb99b7eb113f043c703b
34ed5573773da6701a325bf1c4ee50adbacab764a71e26efe12843e38bd7d438
GET /_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 17:31:14 GMT
expires: Tue, 24 Sep 2024 17:31:14 GMT
cache-control: public, max-age=31536000
age: 54908
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/dyn-css/authorization.css?targetBlogID=8909838110609411663&zx=c97da568-1f27-49e1-b75b-f72342328623
216.58.207.233200 OK 21 B URL GET HTTP/3 www.blogger.com/dyn-css/authorization.css?targetBlogID=8909838110609411663&zx=c97da568-1f27-49e1-b75b-f72342328623
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=8909838110609411663&zx=c97da568-1f27-49e1-b75b-f72342328623 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:22 GMT
last-modified: Tue, 26 Sep 2023 08:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d
142.250.74.97404 Not Found 1.7 kB URL GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 9b98d7b6f2f91ba126e1be895ccba35c
d6b3f81b4ab5b46c39e20d619918e9e17dcc3dca
31cf5ae8582522e84c3879388d7e170bd0f75e95342eeb69b5f5a0caaed216cf
GET /blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:23 GMT
server: fife
content-length: 1695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d
142.250.74.97404 Not Found 1.7 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3d4688f4d8071233bc3f6ff95bbddf8c
b4e694ff881df28a2138880c60fe702a8b7c88e8
52756a8484bb3af0bd4d1260ffffd61c9a973c71f70592422579898c22510978
GET /blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:23 GMT
server: fife
content-length: 1695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash cd6f8c3c552350293e3c86605ae8ad14
6904be42c4ee2d9a982a4ec21bb3a512f63ca324
fa9a0d3b702f2bc40bb0b6e2e13e172428128ece3cfff90b86e0882667097988
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162200 OK 42 B URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Mon, 25 Sep 2023 09:56:03 GMT
expires: Mon, 09 Oct 2023 09:56:03 GMT
cache-control: public, max-age=1209600
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 82220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-iaTGAAMSBlA/UOI-2Knpn5I/AAAAAAAADI0/CTVj7C2F_Zs/s1600/rss.gif
142.250.74.161200 OK 14 kB URL GET HTTP/3 2.bp.blogspot.com/-iaTGAAMSBlA/UOI-2Knpn5I/AAAAAAAADI0/CTVj7C2F_Zs/s1600/rss.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8681f5f2660ef12c07144964df0f6f3f
6bcfa2ef7546ffa896f9845fe8cb60937c472580
ae67ae57ec3cad516d440ce38c9017e607c59bc18cbef15fba9ee8e7d3c31bd6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-iaTGAAMSBlA/UOI-2Knpn5I/AAAAAAAADI0/CTVj7C2F_Zs/s1600/rss.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rss.gif"
x-content-type-options: nosniff
server: fife
content-length: 13700
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:23 GMT
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v225c"
content-type: image/gif
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-xo0UdXPlLFo/UOI-3cgYHFI/AAAAAAAADJA/Py5Uny_KQR4/s1600/search.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 1.bp.blogspot.com/-xo0UdXPlLFo/UOI-3cgYHFI/AAAAAAAADJA/Py5Uny_KQR4/s1600/search.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 49614e6fc6f236ff64b7b14ec92dc168
fac1723f6e20c0957c706855a0181656097f584e
5504a923a669b0b0300982738af2d0e5c08a6277620c6837fe6df5b6902d0577
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-xo0UdXPlLFo/UOI-3cgYHFI/AAAAAAAADJA/Py5Uny_KQR4/s1600/search.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="search.gif"
x-content-type-options: nosniff
server: fife
content-length: 13401
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:23 GMT
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v21a7"
content-type: image/gif
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/img/share_buttons_20_3.png
216.58.207.233200 OK 5.1 kB URL GET HTTP/3 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 02:56:37 GMT
expires: Tue, 03 Oct 2023 02:56:37 GMT
cache-control: public, max-age=604800
last-modified: Tue, 26 Sep 2023 00:53:42 GMT
content-type: image/png
age: 20986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.googleapis.com/css?family=Oswald
142.250.74.106200 OK 14 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type gzip compressed data, max compression\012- data
Hash eed3f433b85486613bda8bdb4ac195bf
bd6f1e63e21faf741f8612688200e6c92b46f0d3
90b32d42b248898d73acb3b8b89426eb1d5bef7aaeffc7faedbaffa602b71f48
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 26 Sep 2023 08:46:22 GMT
date: Tue, 26 Sep 2023 08:46:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-dMWChz-uN7Y/UOI-td5xEoI/AAAAAAAADIE/6pVqVWZC1Rw/s1600/folder.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 4.bp.blogspot.com/-dMWChz-uN7Y/UOI-td5xEoI/AAAAAAAADIE/6pVqVWZC1Rw/s1600/folder.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 42668c90054117da8e2112b5d1b19c84
5e37e047fe705d4aa12661bee428dd86f2824463
78d572345d71b5f2b4a8820435f5d497c6533e712403ff2053afbd40a0a602a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-dMWChz-uN7Y/UOI-td5xEoI/AAAAAAAADIE/6pVqVWZC1Rw/s1600/folder.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v237f"
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="folder.gif"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:23 GMT
server: fife
content-length: 13430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-84_mUPcSCO8/UOI-q7LqwNI/AAAAAAAADH0/lyUVmsHESDc/s1600/comment.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 3.bp.blogspot.com/-84_mUPcSCO8/UOI-q7LqwNI/AAAAAAAADH0/lyUVmsHESDc/s1600/comment.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 6d02f307c46cd90a740808f0dc18efd6
e63bc9320b81d56ae2087175a33feded764c6e16
128e9e73f433ab736b48c1ce71bd02aff3f28a290b07fe73cb33ec08790d8c97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-84_mUPcSCO8/UOI-q7LqwNI/AAAAAAAADH0/lyUVmsHESDc/s1600/comment.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v219e"
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="comment.gif"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:23 GMT
server: fife
content-length: 13295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
service.supercounters.com/fc.php?id=163204&v=1&w=2&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&sw=1280&sh=1024&rand=50
172.104.29.90200 OK 1.0 kB URL GET HTTP/1.1 service.supercounters.com/fc.php?id=163204&v=1&w=2&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&sw=1280&sh=1024&rand=50
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (1941), with CRLF line terminators
Hash 58257838ff42eefaacb0da081a11b2d4
4761f60773526a2877b873e594198056a330bd9f
6639acf4882ec4433ef79f209f7f9b17fcd8c6ffd9ba682fe750f596733e3169
GET /fc.php?id=163204&v=1&w=2&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&sw=1280&sh=1024&rand=50 HTTP/1.1
Host: service.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:23 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Content-Encoding: gzip
3.bp.blogspot.com/-PZxiuxfcTPw/UOI-x1auGzI/AAAAAAAADIg/AUSrK2915jY/s1600/mail.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 3.bp.blogspot.com/-PZxiuxfcTPw/UOI-x1auGzI/AAAAAAAADIg/AUSrK2915jY/s1600/mail.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash d086cec4fd169eb66891b7d3e967132f
997c8acd3404779b2f12084ad54468c0b9a2c365
89cd822eca6340aecc42bdb34feaffc9171b33265f4f7ed82ade45b083599b5d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-PZxiuxfcTPw/UOI-x1auGzI/AAAAAAAADIg/AUSrK2915jY/s1600/mail.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="mail.gif"
x-content-type-options: nosniff
server: fife
content-length: 13430
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:23 GMT
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v22a7"
content-type: image/gif
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-FXZNRW8kv9k/UOI-4oRS_gI/AAAAAAAADJI/RcI7FPhs6lc/s1600/star.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 3.bp.blogspot.com/-FXZNRW8kv9k/UOI-4oRS_gI/AAAAAAAADJI/RcI7FPhs6lc/s1600/star.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 11 x 11\012- data
Hash e0e57afdafcd3af11751012bc9acfe5d
84c657ffe89ecdee5e946c42279694d10c3d686b
99d0a60e7304c788dae6340697e1f38faff649773154ba52d95dfa014934b6bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-FXZNRW8kv9k/UOI-4oRS_gI/AAAAAAAADJI/RcI7FPhs6lc/s1600/star.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="star.gif"
x-content-type-options: nosniff
server: fife
content-length: 13365
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:46:23 GMT
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v21a1"
content-type: image/gif
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash cd6f8c3c552350293e3c86605ae8ad14
6904be42c4ee2d9a982a4ec21bb3a512f63ca324
fa9a0d3b702f2bc40bb0b6e2e13e172428128ece3cfff90b86e0882667097988
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
216.58.207.233 2.7 kB URL www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
IP 216.58.207.233:0
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Hash 25dc95df670196131a125dc80469e7de
86cb51b9cc674eb9ac10b2c15a96371bd5d76f78
7fd0de0cd9addc8555b24337f1bda0e0562bbda820bf986be6a5a9b3d593a55d
GET /navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2685
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/anon36.png
216.58.207.233200 OK 1.7 kB URL GET HTTP/3 resources.blogblog.com/img/anon36.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Hash 106b75877485647b4b5618523f541732
c19e26c01d2972a4c895c3688c735158785620c7
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22
GET /img/anon36.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 10:34:20 GMT
expires: Thu, 28 Sep 2023 10:34:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 05:54:19 GMT
content-type: image/png
age: 425523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.supercounters.com/fc.php?id=163202&w=4&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&title=Damages%20Season%202%20RMVB%20(Download)%20Mediafire%20~%20MediaFireMoviesHeaven&sw=1280&sh=1024&rand=63
188.114.97.1200 OK 82 kB URL GET HTTP/2 www.supercounters.com/fc.php?id=163202&w=4&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&title=Damages%20Season%202%20RMVB%20(Download)%20Mediafire%20~%20MediaFireMoviesHeaven&sw=1280&sh=1024&rand=63
IP 188.114.97.1:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectsupercounters.com
FingerprintB4:43:8B:82:F6:89:74:12:17:90:A5:2E:68:AE:73:38:4E:C0:5F:57
ValidityThu, 17 Aug 2023 08:01:08 GMT - Wed, 15 Nov 2023 08:01:07 GMT
File type ASCII text, with very long lines (10036), with CRLF line terminators
Hash 1f8421064c0d7841757a7aba61951a1a
65ab0d5b3be59cab06d4caf369b887393e713992
169deddbf80c95e8d0d5e0049bff8fafa2d482da0a7dcfe0fdb482d718954494
GET /fc.php?id=163202&w=4&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&ref=&url=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com%2F2012%2F03%2Fdamages-season-2-rmvb-download_29.html&title=Damages%20Season%202%20RMVB%20(Download)%20Mediafire%20~%20MediaFireMoviesHeaven&sw=1280&sh=1024&rand=63 HTTP/1.1
Host: www.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 26 Sep 2023 08:46:23 GMT
content-type: application/x-javascript
x-powered-by: PHP/7.4.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPuYXRq44TFxHObpSRBqcCBVpuvxotJhvKVIBJqRBI%2FE8HUuM1Esi3Q10RQnGae2V%2BkwnDl5DrNHbAIm6aZQ6%2FwTUPTCWxBZbOo94azAxZcY3ZdnMNJ2mZgqNnvUFbzfuSMFHfKqLaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ca3c716eda0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 408117
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform:gapi.iframes.style.common.js
172.217.21.174200 OK 22 kB URL GET HTTP/3 apis.google.com/js/platform:gapi.iframes.style.common.js
IP 172.217.21.174:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com&pfname=&rpctoken=10115617
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2664)
Hash 5ea6889749e35d1997d3d7b45b526cbe
b2be66a88cda67c0d38638906a19d3502db702f2
f8f1efe1d0d52a96dff5f0e285975b33bc89f9093c51e50024fa4c1d3810041f
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21959
date: Tue, 26 Sep 2023 08:46:23 GMT
expires: Tue, 26 Sep 2023 08:46:23 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "fb306044a1b24cfb"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/arrows-light.png
216.58.207.233200 OK 117 B URL GET HTTP/3 resources.blogblog.com/img/navbar/arrows-light.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com&pfname=&rpctoken=10115617
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 02:56:20 GMT
expires: Tue, 03 Oct 2023 02:56:20 GMT
cache-control: public, max-age=604800
last-modified: Mon, 25 Sep 2023 22:57:42 GMT
content-type: image/png
age: 21003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/icons_peach.png
216.58.207.233200 OK 907 B URL GET HTTP/3 resources.blogblog.com/img/navbar/icons_peach.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com&pfname=&rpctoken=10115617
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Hash 3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:28:08 GMT
expires: Fri, 29 Sep 2023 02:28:08 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 07:52:40 GMT
content-type: image/png
age: 368295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
216.58.207.233200 OK 100 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2219)
Size 100 kB (100547 bytes)
Hash 3cdb4870b21c8e4d38a5b30c42aa0d9a
2ede4fdc86702f48075e13d55979ac50c86f6282
473a6e9577df0090b4278e67dd09b3289a2ad8012c943021ae3004592680d9a0
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 100547
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 03:31:27 GMT
expires: Tue, 24 Sep 2024 03:31:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Sep 2023 09:09:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 105296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
216.58.207.233200 OK 26 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (1127)
Hash 9d521c0e8dcad29fa327ebbb38c0d9e4
e0c5e89f59f02c570b1980e848100daa75b610ec
2d99177b99aa018f1661cb4c7d7754fb348ee6534b1f17654abcc004ab616afd
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 26107
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 03:31:27 GMT
expires: Tue, 24 Sep 2024 03:31:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Sep 2023 09:09:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 105296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
216.58.207.233200 OK 6.3 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2956)
Hash aab3eec27a63863983ef563f6b5e3623
b35ac17e42e8a9f9e9f4ce2d1eb507c85ddaea37
86b49b01ce953c0eaef4d727e5e0f445233a240e1453db4c245cd2c7093e7c10
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 6256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 03:51:51 GMT
expires: Tue, 24 Sep 2024 03:51:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Sep 2023 09:09:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
216.58.207.233200 OK 687 B URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (756)
Hash e5387c9503489157db32a5046e8fbb08
664bf1175d39346d71a8b49ec24d4e6db89eabb5
71b26750eb4f0a4686b3c1cdf99ea74fda9fa28fd135bf4a92535384fa86fd51
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 687
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 03:51:50 GMT
expires: Tue, 24 Sep 2024 03:51:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Sep 2023 09:09:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d
142.250.74.97404 Not Found 1.7 kB URL GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 9b98d7b6f2f91ba126e1be895ccba35c
d6b3f81b4ab5b46c39e20d619918e9e17dcc3dca
31cf5ae8582522e84c3879388d7e170bd0f75e95342eeb69b5f5a0caaed216cf
GET /blogger_img_proxy/ALY8t1t4MIllom71YZQb0EIJKrkK6gvBNHT5NEe-f4GJWy8zC4jdfhjCC34e1D1ViNeIHbKbEW8jcFlmFbFhzGssz6nrz5xAY-rokyN0V0Y-a8c=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:24 GMT
server: fife
content-length: 1695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.supercounters.com/images/map/bg/112288/61.png
172.104.29.90200 OK 30 kB URL GET HTTP/1.1 widget.supercounters.com/images/map/bg/112288/61.png
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type PNG image data, 256 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e5e80f91bc2ab0bafea3c09b8f79460
0de109067da783c6bb27a2a52ea46d1924116540
bce39e74672348248ca852969656ec90c5b748066ea0521f6a4efce55d3c3ff6
GET /images/map/bg/112288/61.png HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:23 GMT
Content-Type: image/png
Content-Length: 30269
Last-Modified: Sat, 09 Jun 2012 07:51:05 GMT
Connection: keep-alive
ETag: "4fd30069-763d"
Expires: Thu, 26 Oct 2023 08:46:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.supercounters.com/images/flagsprites.png
172.104.29.90200 OK 69 kB URL GET HTTP/1.1 widget.supercounters.com/images/flagsprites.png
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type PNG image data, 3904 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash 7f665c1e56c9d175693d1a7189bac02c
7622e57ba993537c385c285f7577a967b3e7a941
f5f7b1faf32c396ab4a0a1548547f6c7ff8037d1a7fb7d0ad633a3cbe2c0efe4
GET /images/flagsprites.png HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:23 GMT
Content-Type: image/png
Content-Length: 69400
Last-Modified: Tue, 11 Apr 2017 07:31:00 GMT
Connection: keep-alive
ETag: "58ec8634-10f18"
Expires: Thu, 26 Oct 2023 08:46:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.207.195 472 B IP 216.58.207.195:0
Hash e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 45 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fmediafiremoviesheavens3.blogspot.com&pfname=&rpctoken=10115617
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (1503)
Hash 216b38745f3cce08ced4200dd91c83a4
3f6bd3ee5da23060e704e8116b5a0961e20a80bf
a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1
GET /_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 17:31:16 GMT
expires: Tue, 24 Sep 2024 17:31:16 GMT
cache-control: public, max-age=31536000
age: 54908
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 26 Sep 2023 08:46:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+950; expires=Thu, 25-Sep-2025 08:46:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Sep 2023 08:46:24 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195 471 B IP 216.58.207.195:0
Hash e7134cb422275b42551f12abb2455400
8b74099ad1ead69313ef916dc21d4a5520ff1a19
45497c6514815f02fb020dd530afc1141f39d25156915345f9e942759ed52abe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 08:46:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 595
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 26 Sep 2023 08:46:24 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+543; expires=Thu, 25-Sep-2025 08:46:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Sep 2023 08:46:24 GMT
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d
142.250.74.97404 Not Found 1.7 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d
IP 142.250.74.97:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3d4688f4d8071233bc3f6ff95bbddf8c
b4e694ff881df28a2138880c60fe702a8b7c88e8
52756a8484bb3af0bd4d1260ffffd61c9a973c71f70592422579898c22510978
GET /blogger_img_proxy/ALY8t1tVfhHyfFZ32oCP_Mm_FDSsubkhQbLsrUt7924dp66HZI0wJxmqj1WIYTCn7IVRaveuVKP01jOc2yPFhkzFz7j1snvHAWDwY3Mv9yhKk0E=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:24 GMT
server: fife
content-length: 1695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.supercounters.com/images/map/dot/ff0000.png
172.104.29.90200 OK 255 B URL GET HTTP/1.1 widget.supercounters.com/images/map/dot/ff0000.png
IP 172.104.29.90:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerSectigo Limited
Subject*.supercounters.com
FingerprintE8:89:54:DA:4C:96:E2:77:F7:4C:A8:58:6E:9F:9D:AC:0E:4E:81:63
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type PNG image data, 7 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cfc4105838fb0e93953795276259d23
75d94d845b30adebb8579715c5ab56e153407eb9
94301a8b574f785ce2ef201e81f8bb5adad388bd737d04473d5559b832efce67
GET /images/map/dot/ff0000.png HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 26 Sep 2023 08:46:24 GMT
Content-Type: image/png
Content-Length: 255
Last-Modified: Sun, 01 May 2022 08:36:35 GMT
Connection: keep-alive
ETag: "626e4693-ff"
Expires: Thu, 26 Oct 2023 08:46:24 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
142.250.74.99200 OK 186 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
IP 142.250.74.99:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (549)
Size 186 kB (185934 bytes)
Hash b9fa78b438652d549f20ad262bffa843
ac85e9636a3cf1c7a935ad2b1a7eeefcf2799feb
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 24 Sep 2023 22:49:49 GMT
expires: Mon, 23 Sep 2024 22:49:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 122195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mediafiremoviesheavens3.blogspot.com/2012/03/YOUR-FAVICON-URL
216.58.207.193404 Not Found 55 kB URL GET HTTP/3 mediafiremoviesheavens3.blogspot.com/2012/03/YOUR-FAVICON-URL
IP 216.58.207.193:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1443)
Hash 0f48911890b3d8af4e62b69942d98bc9
5fd514580f55057ea3f95f361baf748a7006a464
1f4b418cd5c67a334a1f1843d796f7836ae3bd36f1415eb4702bef05b9ebc244
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2012/03/YOUR-FAVICON-URL HTTP/1.1
Host: mediafiremoviesheavens3.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 54857
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
142.250.74.99200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
IP 142.250.74.99:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 07:00:04 GMT
expires: Wed, 25 Sep 2024 07:00:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/css
vary: Accept-Encoding
age: 6380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
142.250.74.99200 OK 186 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
IP 142.250.74.99:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (549)
Size 186 kB (185934 bytes)
Hash b9fa78b438652d549f20ad262bffa843
ac85e9636a3cf1c7a935ad2b1a7eeefcf2799feb
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 24 Sep 2023 22:49:49 GMT
expires: Mon, 23 Sep 2024 22:49:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 122195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.99200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.99:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 06:25:40 GMT
expires: Sat, 30 Sep 2023 06:25:40 GMT
cache-control: public, max-age=604800
age: 267644
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 408118
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 05:45:56 GMT
expires: Wed, 25 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 10829
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ
142.250.74.164200 OK 186 kB URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (549)
Size 186 kB (186046 bytes)
Hash 409124cf4f07171dbe7fddcf76b0ba9d
e2f154abf1f925eb50ea051f166e5989e9206a88
73a5ef84d6b5b5ee0b99ca678d471d7f1c89921e8b7765e55dae4e3851d72a67
GET /recaptcha/api2/webworker.js?hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 08:46:25 GMT
date: Tue, 26 Sep 2023 08:46:25 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
216.58.207.233200 OK 1.7 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (732)
Hash 6a92bf7f92642ac74286a97c6a430f3e
3c4362b637391ae82e585ed6b3ad814c1d430c4a
35650af323a65bb1152b8d353e83731f42eb578e79c735567b28ea957e5114ae
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/ck=boq-blogger.BloggerCommentUi.VNxCB-Kk8vM.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2LMrGqtSmYktEqlg1uS2DDle1ZbQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1669
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 03:52:10 GMT
expires: Tue, 24 Sep 2024 03:52:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Sep 2023 09:09:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
216.58.207.233200 OK 6.5 kB URL GET HTTP/3 www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (35889), with no line terminators
Hash e287450e0a5c5a5625f7ba3716c1b0cf
3287eee808b2a77f7e4ea16b148f4cd173cddb66
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
GET /static/v1/v-css/3268905543-lightbox_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6501
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 04:10:18 GMT
expires: Wed, 25 Sep 2024 04:10:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Sep 2023 06:52:50 GMT
content-type: text/css
vary: Accept-Encoding
age: 16567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/static/v1/jsbin/4251067282-lbx__en_gb.js
216.58.207.233200 OK 122 kB URL GET HTTP/3 www.blogger.com/static/v1/jsbin/4251067282-lbx__en_gb.js
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type HTML document, ASCII text, with very long lines (1308)
Size 122 kB (122267 bytes)
Hash 5466ab614745e458a262fdcdc0a1e7f6
a2af35025ec2279af3ef26c63a8f3cbb558674b8
6767e69c6c6518b187689f26c6fd7ba2a47da59368e0dc1bfa090bfdeabb7564
GET /static/v1/jsbin/4251067282-lbx__en_gb.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122267
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:00:10 GMT
expires: Sat, 21 Sep 2024 02:00:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Sep 2023 19:59:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 369975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
216.58.207.233200 OK 6.8 kB URL GET HTTP/3 www.blogger.com/navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7002), with no line terminators
Hash 0c62f784bacbd7e76bb85c6392641777
11ddc81bac22c64756674832f35b739347706a75
b57f82f728eb3f6679296d7d5c0f5ed597194417f00a0e76fe37be1ca612ab72
GET /navbar.g?targetBlogID=8909838110609411663&blogName=MediaFireMoviesHeaven&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://mediafiremoviesheavens3.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://mediafiremoviesheavens3.blogspot.com/&targetPostID=1593096074739466767&blogPostOrPageUrl=https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html&vt=8555851150101448679&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2685
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
142.250.74.164200 OK 52 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g
IP 142.250.74.164:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43763)
Hash 11be40f27145760968f5285123cc8443
bc938331fef0c9dd154b04f7715411345b588abe
e582e27b89fd72809fe0bead1393541c1327dc4672bd5bd20563c1a851e907e4
GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=duqupedt5d6g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:24 GMT
content-security-policy: script-src 'nonce-MqzBgMnEVWxphhTTOJqaWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 1.0 kB URL GET HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
File type ASCII text, with very long lines (1034), with no line terminators
Hash ad4c13b7eabbb2f834593d222b8d6a9a
ee864ed7c4bb277f9c93b822c39d8b49526ab961
90f3c196239d9dfc1d04a35c48161991e188cb254273d188338425fa4a8febfb
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 08:46:24 GMT
date: Tue, 26 Sep 2023 08:46:24 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-nlsNARtqyyk/UOI-7IncmsI/AAAAAAAADJY/c6KqI1FLqTM/s1600/twitter.gif
142.250.74.161200 OK 13 kB URL GET HTTP/3 3.bp.blogspot.com/-nlsNARtqyyk/UOI-7IncmsI/AAAAAAAADJY/c6KqI1FLqTM/s1600/twitter.gif
IP 142.250.74.161:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash e908302cdc3f149ed08df28e4f86f2fc
b8c9b4b02859df976c3bc41d66f7cde4dac07f1c
3fb0b004c5deb70a0788ecc4d5ce8e0d725f1e42a15bf001c6bca4bc5dc4168e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-nlsNARtqyyk/UOI-7IncmsI/AAAAAAAADJY/c6KqI1FLqTM/s1600/twitter.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2255"
expires: Wed, 27 Sep 2023 08:46:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="twitter.gif"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 08:46:23 GMT
server: fife
content-length: 13427
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218
216.58.207.233200 OK 71 kB URL GET HTTP/3 www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218
IP 216.58.207.233:443
Requested by https://mediafiremoviesheavens3.blogspot.com/2012/03/damages-season-2-rmvb-download_29.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiremoviesheavens3.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 08:46:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-sAqKzHbuNjE6FWsKdqzzwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=Ka_-YoWczk41qh0Ss5lN6Nm1HUMRCyxY7g4_jVZV7zJY3cPM8H1Z5FFOaP3q8jaim_BupqD56wd4uitBdmivWd7_usfBYSZnRxNL3Y21Gcm4clFlCd-GZWZU_hYq3N38fDBxcaTQwKfbrGkqTLCOEDO-wGRCWNqMOjqGp1k7P8o; expires=Wed, 27-Mar-2024 08:46:23 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3AgXkSCMtSvslVqV29lkYY8Xi4Fg/m=_b,_tp
216.58.207.233200 OK 183 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3AgXkSCMtSvslVqV29lkYY8Xi4Fg/m=_b,_tp
IP 216.58.207.233:443
Requested by https://www.blogger.com/comment/frame/8909838110609411663?po=1593096074739466767&hl=en-GB&blogspotRpcToken=8952218#%7B%22color%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(102%2C%20102%2C%20102)%22%2C%22fontFamily%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%7D
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2507)
Size 183 kB (182561 bytes)
Hash bf947eecf3cec3cb9930618e445d1360
fdb00828decfac55c6ebe860cdcac46ce5dc4141
f181ebe5b0e4bc56f5ba1c6017aa3d7d6d544c6f24f270c4af0c9190471644dc
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.Dwe_uLvldwI.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3AgXkSCMtSvslVqV29lkYY8Xi4Fg/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 63840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 02:35:08 GMT
expires: Tue, 24 Sep 2024 02:35:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 23 Sep 2023 03:12:35 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 108675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000