| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/TN-en-20231009-popsignuptwoweeks-perspective_alpha_website_medium.jpg | 66.235.200.147 | 200 OK | 17 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/TN-en-20231009-popsignuptwoweeks-perspective_alpha_website_medium.jpg
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: gzip compressed data, from Unix
Hash: 0c966975e67abc58fcb315cb20b7ea4b f27766ed965e6033baf5c304678250aebbcc9d7a fe67026b132e7d7540a52332739e66c3fa34cd82ef4b29cfc9e6034d9bc36c46
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/styles/img/TN-en-20231009-popsignuptwoweeks-perspective_alpha_website_medium.jpg HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:03 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:03 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c925a7aa056be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/css/login.css | 66.235.200.147 | | 11 kB |
URL: ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/css/login.css
IP: 66.235.200.147:0
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: gzip compressed data, from Unix
Hash: bfcc822bf7bae488e9ff14628b8c2164 367c31c3afbbaf2ed7f267103732715e2781771c 78ef174f243175fea35d85553366ace998cee0662fabe802c18355782e0b30e1
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/styles/css/login.css HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:02 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:02 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c92460d1556be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/css/login2.css | 66.235.200.147 | 200 OK | 24 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/css/login2.css
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: JavaScript source, ASCII text, with very long lines (2153), with CRLF line terminators
Hash: 77f6a5f0d3736d5158663d25f5abb5ef 8a0e0f1767bcc9fbe9a80b9d00244c6c85b8cf44 8e95d269a3964a051f5cfc5f491662a89e55dbb15047180e92c6b3f3f59ebd53
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/styles/css/login2.css HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:00 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:00 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c92460d1256be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/js/jquery.main.js | 66.235.200.147 | 200 OK | 24 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/js/jquery.main.js
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: JavaScript source, ASCII text, with very long lines (2153), with CRLF line terminators
Hash: 77f6a5f0d3736d5158663d25f5abb5ef 8a0e0f1767bcc9fbe9a80b9d00244c6c85b8cf44 8e95d269a3964a051f5cfc5f491662a89e55dbb15047180e92c6b3f3f59ebd53
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/js/jquery.main.js HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:00 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:00 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c92460d1c56be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/js/jquery.mask.js | 66.235.200.147 | 200 OK | 24 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/js/jquery.mask.js
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: JavaScript source, ASCII text, with very long lines (2153), with CRLF line terminators
Hash: 77f6a5f0d3736d5158663d25f5abb5ef 8a0e0f1767bcc9fbe9a80b9d00244c6c85b8cf44 8e95d269a3964a051f5cfc5f491662a89e55dbb15047180e92c6b3f3f59ebd53
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/js/jquery.mask.js HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:31:59 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:31:59 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c92460d1a56be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/nficon2016.png | 66.235.200.147 | 200 OK | 24 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/nficon2016.png
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: JavaScript source, ASCII text, with very long lines (2153), with CRLF line terminators
Hash: 77f6a5f0d3736d5158663d25f5abb5ef 8a0e0f1767bcc9fbe9a80b9d00244c6c85b8cf44 8e95d269a3964a051f5cfc5f491662a89e55dbb15047180e92c6b3f3f59ebd53
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/styles/img/nficon2016.png HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:04 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c925b5b9756be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/nficon2023.ico | 66.235.200.147 | 200 OK | 24 kB |
URL: GET HTTP/2 ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/styles/img/nficon2023.ico
IP: 66.235.200.147:443
Requested by: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Certificate Issuer: Let's Encrypt
Certificate Subject: ar-netflix-bpay.com
Certificate Fingerprint: 2F:27:8A:79:E5:3E:49:91:40:01:DC:DF:15:47:18:CF:9F:F0:96:D7
Certificate Validity: Tue, 02 Apr 2024 03:51:20 GMT - Mon, 01 Jul 2024 03:51:19 GMT
File type: JavaScript source, ASCII text, with very long lines (2153), with CRLF line terminators
Hash: 77f6a5f0d3736d5158663d25f5abb5ef 8a0e0f1767bcc9fbe9a80b9d00244c6c85b8cf44 8e95d269a3964a051f5cfc5f491662a89e55dbb15047180e92c6b3f3f59ebd53
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Netflix
GET /Actualizar/ne/cll/cool/login.php/styles/img/nficon2023.ico HTTP/1.1
Host: ar-netflix-bpay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ar-netflix-bpay.com/Actualizar/ne/cll/cool/login.php/
Cookie: PHPSESSID=66a5949714dfc6d4756fb65eff9e757a; _cfuvid=6Ivr7SSNW9VgWUlqs95gFGsTIuKyM_wjewbDtWdfeA0-1713526318859-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:32:03 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 19 Apr 2024 11:32:03 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 876c925b5b9956be-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|