Report - egbest2.com/

Report Overview

URL

egbest2.com/
IP

104.21.44.231

ASN

#13335 CLOUDFLARENET
Submitted

2023-01-31T00:53:24Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

18

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413	5843	34.160.144.191
e1.o.lencr.org (3)	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1014	2183	23.36.76.226
friendshipmale.com (1)	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	358	960	172.64.203.23
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333	391	34.117.237.239
my.rtmark.net (3)	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	1378	2226	139.45.195.8
simplewebanalysis.com (2)	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	846	688	3.120.47.42
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3246	67835	34.120.237.76
www.googletagmanager.com (1)	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	381	77825	142.250.74.168
qo.dunganof.com (1)	unknown	2022-12-30T11:45:29Z	2023-02-16T18:54:59Z	360	1120	23.109.248.179
ocsp.sectigo.com (1)	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340	963	104.18.32.68
oaphoace.net (1)	unknown	2022-05-04T19:35:14Z	2023-03-13T08:06:21Z	357	681	139.45.197.239
r3.o.lencr.org (16)	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5408	14181	23.36.77.32
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350	1004	54.230.245.100
nanouwho.com (4)	unknown	2022-07-09T22:30:29Z	2023-03-13T05:15:46Z	2261	2961	139.45.197.242
unseenreport.com (2)	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	1422	846	192.243.61.227
s.w.org (1)	748	2017-01-30T05:56:16Z	2023-03-13T05:09:33Z	400	433	192.0.77.48
ocsp.digicert.com (1)	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341	545	93.184.220.29
fleraprt.com (1)	unknown	2022-01-14T23:55:14Z	2023-03-13T06:33:10Z	483	481	139.45.195.254
zadauque.net (1)	unknown	2022-09-13T18:48:01Z	2023-03-09T17:17:15Z	355	1124	139.45.197.238
initiallycompetitionunderwear.com (1)	unknown	2023-01-09T03:09:00Z	2023-03-10T17:24:54Z	411	21437	192.243.61.225
tzegilo.com (1)	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	355	6637	172.67.141.224
upgulpinon.com (1)	83187	2020-06-05T14:59:18Z	2023-03-13T01:30:40Z	359	624	139.45.197.242
banquetunarmedgrater.com (1)	unknown	2022-08-04T17:12:50Z	2023-03-13T05:26:56Z	372	327	192.243.59.13
region1.google-analytics.com (1)	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	867	444	216.239.34.36
egbest2.com (2)	unknown	2019-05-19T21:31:59Z	2023-03-06T01:11:20Z	784	1244	104.21.44.231
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782	2372	35.241.9.150
iegybest.film (38)	unknown	2022-02-12T04:44:10Z	2023-03-09T15:33:44Z	26505	1285912	172.67.75.209
ocsp.pki.goog (2)	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686	1400	142.250.74.131
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606	127	35.167.56.184
naveljutmistress.com (6)	unknown	2023-01-24T03:32:25Z	2023-03-10T02:12:39Z	2687	16576	173.233.137.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	friendshipmale.com/sfp.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	initiallycompetitionunderwear.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	nanouwho.com	Sinkholed
2023-01-30	medium	nanouwho.com	Sinkholed
2023-01-30	medium	fleraprt.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	naveljutmistress.com	Sinkholed
2023-01-30	medium	banquetunarmedgrater.com	Sinkholed
2023-01-30	medium	unseenreport.com	Sinkholed
2023-01-30	medium	unseenreport.com	Sinkholed
2023-01-31	medium	zadauque.net	Sinkholed
2023-01-30	medium	nanouwho.com	Sinkholed
2023-01-30	medium	oaphoace.net	Sinkholed
2023-01-30	medium	nanouwho.com	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (104)

URL IP Response Size

egbest2.com/

104.21.44.231

301 Moved Permanently

URL HTTP/1.1

egbest2.com/
IP

104.21.44.231:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: egbest2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 00:53:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 31 Jan 2023 01:53:13 GMT
Location: https://egbest2.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXlCPAxdjWHRHaw33ejMV52LB5wH%2Bf87rb0ftiIT%2F08lEdasoOIbFMyA5lawPdUSJNWge3qwLgb3Eb8QmB0hO%2FRWrYoGXFGnuWM86tNibQVv0rwmDxcyvpFXzjYLGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791e7819aee6b517-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0c35c3ec659d3a26ea97e68d787bb043

d97e3672244efec5b7814f2d8a734cd1a9387854

4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14519
Expires: Tue, 31 Jan 2023 04:55:13 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d2e72d45afe3d391c204b5391599607c

149d68b9d00a720b6f380fa2324779dca9dbe26d

f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12393
Expires: Tue, 31 Jan 2023 04:19:47 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 00:43:15 GMT
content-type: application/json
age: 599
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

302c7548412192add063ad6c8b99cf3b

e5d178931a27db036ce8daae302594d3ff7050b8

fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9846
Expires: Tue, 31 Jan 2023 03:37:20 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

279
Hash

23eb68041c92f7e0506be4fb7c63bdc0

6234b7811a328e94d07301c2fda527193d39f1fc

8297b13b95d6415adefd387f4f958ca3470a63cb28272b10352c27515962d303

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 00:53:14 GMT
Last-Modified: Mon, 30 Jan 2023 23:37:49 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 279

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: oEwduXh33XIhKNhl0qZL0ei10DXuxrOAvXWSBTJISTrcOkByz4Q68hKFWo8S6e6GsRX03yVRh7g=
x-amz-request-id: E3B9XYF9MASXEPJK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 00:50:58 GMT
age: 136
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345

URL HTTP/1.1

e1.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

345
Hash

57974600a6998dfdbb3756693525e3a7

4252708433c47ae78d8f05062d4fd2559d0c9597

a76e46905fe08582908b55df1c3618a80d0345c0302de04217e2b9d1afe166a1

HTTP Headers

                                        POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A76E46905FE08582908B55DF1C3618A80D0345C0302DE04217E2B9D1AFE166A1"
Last-Modified: Sat, 28 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12295
Expires: Tue, 31 Jan 2023 04:18:09 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

iegybest.film/wp-content/uploads/2019/10/egybest_logo2.png

172.67.75.209

200 OK

1359

URL HTTP/2

iegybest.film/wp-content/uploads/2019/10/egybest_logo2.png
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 130 x 35, 8-bit colormap, non-interlaced\012- data

Size

1359
Hash

590e926bf8a6aefeb46cce6507fd4cbc

b3e0c755de138a82ff3132b1f97f61ba44b0c17d

b41f3d52b4756760fe9e73c5e17ac25b5ae7714bd7d0975f42fa2155c7042c56

HTTP Headers

                                        GET /wp-content/uploads/2019/10/egybest_logo2.png HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: image/png
content-length: 1359
last-modified: Fri, 11 Oct 2019 23:41:10 GMT
etag: "5da11316-54f"
expires: Fri, 24 Nov 2023 17:20:49 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 5815945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBLsvMqH6wNY2bNC2m0Lz19u8CjgyjAdh3X8bO1QBkI9wflPI2YrAFWni3fD4uY9XnU8SQkHvJne1ppQBdQRTjx4BNXSnFqnWR9TfliMLxYbAnE6UiJcz6uUkz7KI6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781d9c6cb50c-OSL
X-Firefox-Spdy: h2

iegybest.film/wp-content/uploads/2022/06/anime.png

172.67.75.209

200 OK

2508

URL HTTP/2

iegybest.film/wp-content/uploads/2022/06/anime.png
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data

Size

2508
Hash

429eb65aa6ef62531677627f19895b6b

653170df93eb73c0a6ffc716eaa8806289689d87

b71cc884e91754b3dc964f122cbfd5358c2ca77070ddd5c87d1a7efa3accc38e

HTTP Headers

                                        GET /wp-content/uploads/2022/06/anime.png HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: image/png
content-length: 2508
last-modified: Sun, 19 Jun 2022 23:58:45 GMT
etag: "62afb835-9cc"
expires: Fri, 24 Nov 2023 17:20:49 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 5815945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOAjg85u6NZksXa01xHHN%2B6jO9Ftie6qr89hytTmXbWLw%2FdfCpN%2FrT%2FfvzxxZ9sxitKXsKCu%2FAZeeYC2X8A8o6%2FHLXF0EKcjsRaZly6O%2FUz2RFrUz0YBZj1EgQlR9aE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781d9c6eb50c-OSL
X-Firefox-Spdy: h2

iegybest.film/wp-content/uploads/2022/05/src-default-new.jpg

172.67.75.209

200 OK

4720

URL HTTP/2

iegybest.film/wp-content/uploads/2022/05/src-default-new.jpg
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 175x263, components 3\012- data

Size

4720
Hash

a73a1de4af8cfb202312b296abaa61a2

48b06803630e5d00f0d953db31240912b21b8a75

1f027dbbe363187f01f1b007afc3607aaf7bf85db270b3b32ac4e2954e4f8282

HTTP Headers

                                        GET /wp-content/uploads/2022/05/src-default-new.jpg HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: image/jpeg
content-length: 4720
cache-control: public, max-age=31536000
cf-bgj: h2pri
etag: "627d40a5-1270"
expires: Fri, 24 Nov 2023 17:20:49 GMT
last-modified: Thu, 12 May 2022 17:15:17 GMT
pragma: public
cf-cache-status: HIT
age: 5815945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpY6Li2DkR3qyt4ZeDLMUPIKKXAUZISqinUFN3t23zsWzVctw%2B44kwA8TaHMgPmXP7UgrcPNX251lxNYFayZkxwedWvW4b0dyLneIPXR498AyUsloBEFV14PZAHi9qU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781d9c70b50c-OSL
X-Firefox-Spdy: h2

iegybest.film/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1

172.67.75.209

200 OK

URL HTTP/2

iegybest.film/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1 HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: application/javascript
content-length: 0
last-modified: Sat, 26 Nov 2022 23:31:09 GMT
etag: "6382a1bd-0"
expires: Sun, 26 Nov 2023 23:54:06 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 5619548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0J80vMqj5kTLPYSv29tXExhZ8vQUbwPZ3I7MMpiGRKOY4tM27c3%2BqPA5t5BFX8Yt1P081S0cb1vc0dxR0%2F9SXa4GbrgxM%2Bojx0R3BeFErpJRWuk%2B1Qr88qDtWLIEoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781dac75b50c-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

d81f874741beb45c89de8bb5c6de438e

a251ab903e654953631d84721479bbae55aa5cdf

ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 00:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3ff98d0159f1d6cb29f3c1b29cf565ec

e76a363d83222b1c146b549227e0cd1a651bbab5

92525da956d49706bf39be91f228feab5fbdafcca3e44bffde4b8342478d752a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92525DA956D49706BF39BE91F228FEAB5FBDAFCCA3E44BFFDE4B8342478D752A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 31 Jan 2023 03:41:05 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=G-XVZ77D8G75

142.250.74.168

200 OK

77224

URL HTTP/2

www.googletagmanager.com/gtag/js?id=G-XVZ77D8G75
IP

142.250.74.168:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (19467)

Size

77224
Hash

f02baa5b71d8e049ba6328f785003ca4

390c74728b6bcff23e757ce4730ec34c3a592297

7a50119e57d452d30f098ce679855695b61fa2335ecfe932022e28caebd6d3da

HTTP Headers

                                        GET /gtag/js?id=G-XVZ77D8G75 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 00:53:14 GMT
expires: Tue, 31 Jan 2023 00:53:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 00:41:41 GMT
age: 693
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

iegybest.film/wp-content/themes/old/Standard/UI/fonts/fa-solid-900.woff2

172.67.75.209

200 OK

140704

URL HTTP/2

iegybest.film/wp-content/themes/old/Standard/UI/fonts/fa-solid-900.woff2
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

Web Open Font Format (Version 2), TrueType, length 140704, version 331.17301\012- data

Size

140704
Hash

150120b3d9b448dd116680b66eba9bbe

cbbc03d0fdc2da1fe474f25a0bc10c702049759f

2a2399d510fe0bb91bf136a84c8f186c5bd3a57a2aac94a39bf167850588717f

HTTP Headers

                                        GET /wp-content/themes/old/Standard/UI/fonts/fa-solid-900.woff2 HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: font/woff2
content-length: 140704
last-modified: Thu, 21 Oct 2021 09:07:38 GMT
etag: "61712dda-225a0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6851
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ics5wFQrAnsjaEvemMpfcAbQoAwrGnN2PkLUuve90YlGYAOqOBtRvHqA4UiIgTUI98nLtjXnvgZP801D2lcUvZp7jqU5ysOlrqk0oLElxbUG2WA8oKfYkxftwCwqLus%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781ecd37b50c-OSL
X-Firefox-Spdy: h2

iegybest.film/wp-content/themes/old/Standard/UI/fonts/fa-brands-400.woff2

172.67.75.209

200 OK

77376

URL HTTP/2

iegybest.film/wp-content/themes/old/Standard/UI/fonts/fa-brands-400.woff2
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

Web Open Font Format (Version 2), TrueType, length 77376, version 331.17301\012- data

Size

77376
Hash

7c0be8b6640f024b6f4505161bf1bfd4

dabac3ea728295a50c882404a7716d3e0e24c042

485ef94c52a4c62277533950ca70e9c4b13f97eed65cc868b22bd8c37e3ada11

HTTP Headers

                                        GET /wp-content/themes/old/Standard/UI/fonts/fa-brands-400.woff2 HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:14 GMT
content-type: font/woff2
content-length: 77376
last-modified: Thu, 21 Oct 2021 09:07:46 GMT
etag: "61712de2-12e40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6851
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwM0VHJoEsfDRtJxaC5DVv7fvCaTmTtgzbBFXsGSzYX%2B1G1rdyL4lzVh6wUuWB%2FkTIKBixN3KPkJfzaR315u6g93MzjVlLl48DXBWa4MduYwfri7%2BCgLka5UPPKUijs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e781eed53b50c-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

d81f874741beb45c89de8bb5c6de438e

a251ab903e654953631d84721479bbae55aa5cdf

ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 00:53:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

22b9916fc1fafc9bdc9bb37f9eac8a9a

86f640e134a741a0f906a8e3a0f5c6659dd0e394

a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13125
Expires: Tue, 31 Jan 2023 04:31:59 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2f30de61f5d420390a770e2bd7b32ef0

8aedbfe99a2ff8adbbdfd36275aaa6498669da99

e01df47c4e69c615d991bbd4c9297a1cfdd32c2be35a3d2af9a06954cbbbb927

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E01DF47C4E69C615D991BBD4C9297A1CFDD32C2BE35A3D2AF9A06954CBBBB927"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4977
Expires: Tue, 31 Jan 2023 02:16:11 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

afb5271fdc3dc7d6e8c2646d112f9162

36f3bb9ed248ff9fd5ecf6e96b1a3f1735ed2186

7ff9c4ee385e11e1163d9e0050a72a47a2df019f99ff4c0df82b9f023f908fa0

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FF9C4EE385E11E1163D9E0050A72A47A2DF019F99FF4C0DF82B9F023F908FA0"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5822
Expires: Tue, 31 Jan 2023 02:30:16 GMT
Date: Tue, 31 Jan 2023 00:53:14 GMT
Connection: keep-alive

qo.dunganof.com/1clkn/28311

23.109.248.179

200 OK

URL HTTP/1.1

qo.dunganof.com/1clkn/28311
IP

23.109.248.179:0
ASN

#7979 SERVERS-COM

Magic

ASCII text, with no line terminators

Size

26
Hash

414a242a6fee8464282857e475d3ef61

f669890350347f53aa9bd19c1a355692e8d17d2f

d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa

HTTP Headers

                                        GET /1clkn/28311 HTTP/1.1
Host: qo.dunganof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 00:53:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 01-Feb-2023 00:53:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Wed, 01-Feb-2023 00:53:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

push.services.mozilla.com/

35.167.56.184

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.167.56.184:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M7cC/iB96QOp3FblJPqPUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QPIHhG3KA2Qu8dEtlRiSPNiR/jY=

initiallycompetitionunderwear.com/89/b3/7d/89b37d3f5919bd6072571f91b8b0bd65.js

192.243.61.225

200 OK

20727

URL HTTP/1.1

initiallycompetitionunderwear.com/89/b3/7d/89b37d3f5919bd6072571f91b8b0bd65.js
IP

192.243.61.225:0
ASN

#39572 DataWeb Global Group B.V.

Magic

HTML document, ASCII text, with very long lines (60178), with no line terminators

Size

20727
Hash

f710a324038aa45cc2c22804d254051f

b4d58b9b795f54d9a93ff0105844bd22a29805ff

73d412cb4a0590c9512a448ca580865b09be8372dc5e0bbdabb5305bcb0523d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /89/b3/7d/89b37d3f5919bd6072571f91b8b0bd65.js HTTP/1.1
Host: initiallycompetitionunderwear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 00:53:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 579672d4087b0f11a87b23555cae66a4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

bff238854142f88fbd8a67267020ca9b

e3b1c78276d279cf5961e0eb8e5b9209cd5bee5c

d3a9187e12d667c2a7f62106e18f9b34bd2b0ecc64ac233f18710d1315dac04e

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3A9187E12D667C2A7F62106E18F9B34BD2B0ECC64AC233F18710D1315DAC04E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12828
Expires: Tue, 31 Jan 2023 04:27:03 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d4779f45bd1b66d012525a3e5883696a

b41f8ce685897b9155588f2fbba93ed961cfec60

6167bef55b16b3c2b0f00aec2512ac044d7699ef19dd4a168f51c1fbf721a4d2

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6167BEF55B16B3C2B0F00AEC2512AC044D7699EF19DD4A168F51C1FBF721A4D2"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Tue, 31 Jan 2023 01:59:20 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

e2d2b00ed4a3970f9b7c4561eec1f2ba

5d51d00a750a05bcad6aac56b5dcd410afff7591

20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1706
Expires: Tue, 31 Jan 2023 01:21:41 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471

URL HTTP/1.1

ocsp.sca1b.amazontrust.com/
IP

54.230.245.100:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

faf1d8a7f1edd1251b55117f41d77161

7e6b55f7968cc7381b7aa4deeed12d2692f135a2

8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137427
Date: Tue, 31 Jan 2023 00:53:15 GMT
Etag: "63d7c69b-1d7"
Expires: Wed, 01 Feb 2023 15:03:42 GMT
Last-Modified: Mon, 30 Jan 2023 13:31:07 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _yfR7apPWzK3lyuVOI27MsNyuoNlXl3SMzeU4ZyV9IYRV4pBikfGgg==
Age: 5555

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6ca7915c13771c606b34ca5d002cd1b6

6882033304889b6ea9eba35e6c97c5766063c7ad

4e19be0f82ef7a849b0ed469132acbdb7ca489cca96bf388b6c49d11671c6e49

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E19BE0F82EF7A849B0ED469132ACBDB7CA489CCA96BF388B6C49D11671C6E49"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Tue, 31 Jan 2023 01:33:33 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6ca7915c13771c606b34ca5d002cd1b6

6882033304889b6ea9eba35e6c97c5766063c7ad

4e19be0f82ef7a849b0ed469132acbdb7ca489cca96bf388b6c49d11671c6e49

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E19BE0F82EF7A849B0ED469132ACBDB7CA489CCA96BF388B6C49D11671C6E49"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Tue, 31 Jan 2023 01:33:33 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=78ef0090b25742389cf1f83ff6d35fc0

139.45.195.8

200 OK

URL HTTP/2

my.rtmark.net/gid.js?userId=78ef0090b25742389cf1f83ff6d35fc0
IP

139.45.195.8:0
ASN

#9002 RETN Limited

Magic

JSON data\012- , ASCII text

Size

65
Hash

b5ec30e199cb7e7adc8ff48c738cd99d

a72bf7e873da23bb8c2b6b4022b70a052f4de9b5

77e0b95d724c0f8c91e2aee43a079a8b8bd9dbd1320d862fdb568999393f9e6b

HTTP Headers

                                        GET /gid.js?userId=78ef0090b25742389cf1f83ff6d35fc0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iegybest.film
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://iegybest.film
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=78ef0090b25742389cf1f83ff6d35fc0; expires=Wed, 31 Jan 2024 00:53:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.120.47.42

200 OK

URL HTTP/2

simplewebanalysis.com/stats
IP

3.120.47.42:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with no line terminators

Size

40
Hash

46a828318e8a5b2eb38bb3e15844e6a9

84561ae914868414a355eabb735d4d495f8963d3

59a9e9de9dad9a4788e9840a8420f0ee37048557cdcd886b19806c7e97f94c1e

HTTP Headers

                                        GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iegybest.film
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://iegybest.film
access-control-allow-credentials: true
set-cookie: uid_id2=99d7fa0a-684d-43ac-ad7a-38e7b9b5e52f:2:1; expires=Fri, 28 Jan 2033 00:53:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=1501&rd=1501&fd=801&bv=22.10.v.9&tmpl=70

173.233.137.44

200 OK

URL HTTP/1.1

naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=1501&rd=1501&fd=801&bv=22.10.v.9&tmpl=70
IP

173.233.137.44:0
ASN

#7979 SERVERS-COM

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /pixel/purst?dl=0&th=0&sc=0&rs=1501&rd=1501&fd=801&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 00:53:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

naveljutmistress.com/89/1f/18/891f1800b21596f130a8a4b16846ef16.js

173.233.137.44

200 OK

13409

URL HTTP/1.1

naveljutmistress.com/89/1f/18/891f1800b21596f130a8a4b16846ef16.js
IP

173.233.137.44:0
ASN

#7979 SERVERS-COM

Magic

ASCII text, with very long lines (37132), with no line terminators

Size

13409
Hash

3d6ac0f1038e268b77f98a6c2dbd8090

e0b01df25bb5df3825d8dc8f1f00644ade2a27d8

bbdd7a2db9adee588961edec796d8d689c6a7a4a860f0d693ea9e7b46a3f8db1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /89/1f/18/891f1800b21596f130a8a4b16846ef16.js HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 00:53:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6505445cdd0591441ce284f225cf3064
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

iegybest.film/wp-content/uploads/2019/06/9446b3a03e4d5abf3312ca8a021cdf51.ico.png

172.67.75.209

200 OK

12950

URL HTTP/2

iegybest.film/wp-content/uploads/2019/06/9446b3a03e4d5abf3312ca8a021cdf51.ico.png
IP

172.67.75.209:0
ASN

#13335 CLOUDFLARENET

Magic

PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data

Size

12950
Hash

0ab3026db50558c0a51f04a3e6b08f84

e45eadc12aa31836cdca48c64ad01a291af775a9

876f8ecb872feb6cbf7238a6c8c39d4e9d855960666992aec489add64dda32e9

HTTP Headers

                                        GET /wp-content/uploads/2019/06/9446b3a03e4d5abf3312ca8a021cdf51.ico.png HTTP/1.1
Host: iegybest.film
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Cookie: ppu_show_on_89b37d3f5919bd6072571f91b8b0bd65=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: image/png
content-length: 12950
last-modified: Wed, 10 Mar 2021 20:18:09 GMT
etag: "60492981-3296"
expires: Sat, 20 Jan 2024 06:34:58 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 929897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAPZkrJIVdlwYXPl%2BQfIynkFfpMfvnA7RYrkttla25pgFxf%2BuOLAy4IMzyXqhijAHE2p8tdi9c9R1w7HTKpant2fF9Lz0GmX1esdvTvfQtMX66wF4NfPgjDcKyttbrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e7825b939b50c-OSL
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

3.120.47.42

200 OK

URL HTTP/2

simplewebanalysis.com/stats
IP

3.120.47.42:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with no line terminators

Size

40
Hash

46a828318e8a5b2eb38bb3e15844e6a9

84561ae914868414a355eabb735d4d495f8963d3

59a9e9de9dad9a4788e9840a8420f0ee37048557cdcd886b19806c7e97f94c1e

HTTP Headers

                                        GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iegybest.film
Connection: keep-alive
Referer: https://iegybest.film/
Cookie: uid_id2=99d7fa0a-684d-43ac-ad7a-38e7b9b5e52f:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://iegybest.film
access-control-allow-credentials: true
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344

URL HTTP/1.1

e1.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

344
Hash

fba2578a219c482ced81e299d0da0061

059d2a565118457c53f655c7c4e3faaa9ac0fc41

e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648

HTTP Headers

                                        POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Tue, 31 Jan 2023 02:14:02 GMT
Date: Tue, 31 Jan 2023 00:53:15 GMT
Connection: keep-alive

tzegilo.com/stattag.js

172.67.141.224

200 OK

5811

URL HTTP/2

tzegilo.com/stattag.js
IP

172.67.141.224:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (13121), with no line terminators

Size

5811
Hash

b6134e80bccb6e7eea6d91b402baeca3

c514ba5e3f3754ff91835e35f0e387c2afde9876

5c81dd9d986850b2cb93acb0dc9fdbdd5c388a7a7a91f5b596db24da0044d42e

HTTP Headers

                                        GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZw11tHIWU0i9AHJnC12xKn6heeokbA1cPDdDHikABZIY9mlCOjUwZRL9vck7sOFTSnRSCYmSN9iQXOzp5I4jcIsdm2%2FAABKxAvEBxg30ae%2FPwa7arTdK2OiLTZ89w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791e78267fb3b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

upgulpinon.com/1?z=4967771

139.45.197.242

404 Not Found

URL HTTP/2

upgulpinon.com/1?z=4967771
IP

139.45.197.242:0
ASN

#9002 RETN Limited

Magic

ASCII text, with no line terminators

Size

7
Hash

3b66fb7a307f3ca29bd59b2f354055bd

d6ae6ccb37eb272d94d4a5191fa50372f4d06bba

de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4

HTTP Headers

                                        GET /1?z=4967771 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iegybest.film/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 404 Not Found
server: nginx
date: Tue, 31 Jan 2023 00:53:15 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: dc723ada27f51a1f1ca64276fcb671af
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Wed, 31 Jan 2024 00:53:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344

URL HTTP/1.1

e1.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

344
Hash

fba2578a219c482ced81e299d0da0061

059d2a565118457c53f655c7c4e3faaa9ac0fc41

e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648

HTTP Headers

                                        POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4846
Expires: Tue, 31 Jan 2023 02:14:02 GMT
Date: Tue, 31 Jan 2023 00:53:16 GMT
Connection: keep-alive

nanouwho.com/9?z=4807448&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fiegybest.film%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=n8gf109948kt256336611c6h8rrne450

139.45.197.242

204 No Content

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

#1 JS:Script (size: 9691)

#2 JS:Script (size: 18617)

#3 JS:Script (size: 60178)

#4 JS:Script (size: 142)

#5 JS:Script (size: 64236)

#6 JS:Script (size: 409508)

#7 JS:Script (size: 289832)

#8 JS:Script (size: 44348)

#9 JS:Script (size: 0)

#10 JS:Script (size: 37132)

#11 JS:Script (size: 84608)

#12 JS:Script (size: 13121)

#13 JS:Script (size: 2147)

#14 JS:Script (size: 18081)

#15 JS:Script (size: 6311)

#16 JS:Script (size: 6)

#17 JS:Script (size: 153)

#18 JS:Script (size: 220118)

HTTP Transactions (104)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP