pruebascentralinvirzo.com Open in urlscan Pro
162.214.119.187 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Submission: On May 26 via api (May 26th 2023, 2:04:29 am UTC) from JP — Scanned from JP

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 12 domains to perform 20 HTTP transactions. The main IP is 162.214.119.187, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is pruebascentralinvirzo.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 25th 2023. Valid for: 3 months.

This is the only time pruebascentralinvirzo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	162.214.119.187 162.214.119.187	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	18.176.247.126 18.176.247.126	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
1	99.84.140.9 99.84.140.9	16509 (AMAZON-02) (AMAZON-02)
1	54.251.223.244 54.251.223.244	16509 (AMAZON-02) (AMAZON-02)
20	15

5 162.214.119.187 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-219173.pruebascentralinvirzo.com

pruebascentralinvirzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.176.247.126 (Tokyo, Japan) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.207.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.140.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-9.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.251.223.244 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-223-244.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 924	4 KB
5	pruebascentralinvirzo.com pruebascentralinvirzo.com	33 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 12143 ic.tynt.com — Cisco Umbrella Rank: 7792 de.tynt.com — Cisco Umbrella Rank: 1609	9 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817	31 KB
1	33across.com cdn-tc.33across.com — Cisco Umbrella Rank: 24270	459 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 14688	182 B
1	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 14398
1	waust.at waust.at — Cisco Umbrella Rank: 41063	4 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 868	237 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320	30 KB
20	12

	Domain	Requested by
6	ps.eyeota.net	4 redirects pruebascentralinvirzo.com
5	pruebascentralinvirzo.com	pruebascentralinvirzo.com
4	cm.g.doubleclick.net	4 redirects
2	maxcdn.bootstrapcdn.com	pruebascentralinvirzo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	cdn-tc.33across.com
1	cdn-tc.33across.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	pruebascentralinvirzo.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	t.dtscout.com	waust.at
1	waust.at	pruebascentralinvirzo.com
1	use.fontawesome.com	pruebascentralinvirzo.com
1	ajax.googleapis.com	pruebascentralinvirzo.com
20	15

This site contains no links.

Subject Issuer	Validity	Valid
pruebascentralinvirzo.com cPanel, Inc. Certification Authority	`2023-04-25` - `2023-07-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Frame ID: 50D97CFA94AB3E25F3A96DE3D95BB318
Requests: 12 HTTP requests in this frame

Frame: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/iframe.php
Frame ID: BAB725A6EAC9EFC27A1747EB6CBDA069
Requests: 6 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 69074D0A382FEA63C6111734263B679E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix - My Account

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

90 %
HTTPS

40 %
IPv6

12
Domains

15
Subdomains

15
IPs

5
Countries

357 kB
Transfer

990 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.1&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.1&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkw0QXFLVDdueDczaVlTYzZDZnpYeGZnelYza1Nicktkcm1MUE5UZE5Cb00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkw0QXFLVDdueDczaVlTYzZDZnpYeGZnelYza1Nicktkcm1MUE5UZE5Cb00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESED6vaarOvN0SaFp6332ypAo&google_cver=1

Request Chain 17

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.3&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.3&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmRxTGtxSnhzczhUdEc4U2lZSmpZcklibDJlY3FRYXFsTEZqNE94bnQ4S1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmRxTGtxSnhzczhUdEc4U2lZSmpZcklibDJlY3FRYXFsTEZqNE94bnQ4S1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEO06BTl1-5qINw6u3RiVv0k&google_cver=1

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request page.php Show response
pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/ 4 KB
5 KB 504ms
129ms Document
text/html 162.214.119.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.214.119.187 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-219173.pruebascentralinvirzo.com

Software

Apache /

Resource Hash

3ae86d788a7781c2fc29f96412178d2833578baa11e3b3bff988d8442d28d5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 02:04:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 19ms
12ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 603
age: 15288780
cdn-cachedat: 09/27/2021 14:18:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0f1310bf9ea8d4961a2ada07a2669960
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7cd27283bb6be3af-NRT
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 45ms
2ms Script
text/javascript 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 06:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 06:35:44 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 18ms
11ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 603, 617, 617, 617, 617
age: 1156992
cdn-cachedat: 2021-06-08 11:00:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 68ed376e32c5cd61208c3e2716560319
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7cd27283bb6ce3af-NRT
cdn-requestpullsuccess: True

GET
H/1.1 200
OK form.js Show response
pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/js/ 3 KB
4 KB 122ms
122ms Script
application/javascript 162.214.119.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/js/form.js

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.214.119.187 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-219173.pruebascentralinvirzo.com

Software

Apache /

Resource Hash

7b3370dacb6abbca6fef5e005a155bfd4121467a84007fe2fec23df37cd13564

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 02:04:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 21 Feb 2018 05:46:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3147
X-Xss-Protection: 1; mode=block

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.6/js/ 657 KB
237 KB 33ms
27ms Script
application/javascript 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.6/js/all.js
Requested by: Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MVHM7P0MV8ANWS0K
age: 2484965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2j97VRWXN/RglzI0QN6prGhgd6EiXRP/YPzAtrvDIIKicbS44QRiAszI2STJsk2y5vMJzlwlQjE=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"44f077b456f3decb0d1b00769927c002"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkolMEHbG0ab8TenJeH2WpPU7ViqaL9DgY00Ufa4MNlHDyuxWRkn8%2F29FYIbN2SqINxiouqpS5Vnqj07zLN5%2Fpoz17S7rsSC5gXouVZwLVk41Sr2GzV8TDiYxrjRf87p3Z%2BMebxPb0qSrF%2B3dksJY7BM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 7cd27283b972f6b5-NRT

GET
H/1.1 200
OK logo.png
pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/img/ 11 KB
11 KB 346ms
117ms Image
image/png 162.214.119.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/img/logo.png

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.214.119.187 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-219173.pruebascentralinvirzo.com

Software

Apache /

Resource Hash

5c05d002230b0f4799e37cc907dfa5e10d737808f5fc7da57c44878eea443226

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 02:04:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 21 May 2018 20:48:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10960
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK loading.gif
pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/img/ 12 KB
13 KB 385ms
130ms Image
image/gif 162.214.119.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/includes/img/loading.gif

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.214.119.187 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-219173.pruebascentralinvirzo.com

Software

Apache /

Resource Hash

8191e57a7677ccf16deb6ebc3647f80affccdf1cc8ebc5f8e5e432d6007f1792

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 02:04:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 14 Feb 2018 21:58:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12555
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK iframe.php Show response
pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/ Frame BAB7 244 B
667 B 260ms
139ms Document
text/html 162.214.119.187
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/iframe.php

Requested by

Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.214.119.187 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

vps-219173.pruebascentralinvirzo.com

Software

Apache /

Resource Hash

7716798279a37367a1c1b98b9cb340e822b714aa3d41887829b19f317cc9b00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 02:04:25 GMT
Keep-Alive: timeout=5, max=98
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

GET
H2 200 s.js Show response
waust.at/ Frame BAB7 8 KB
4 KB 34ms
14ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/iframe.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2616
etag: W/"63c04115-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxutEYBFOk6xygms3EyFDx%2BoKfvNBkJtbhTxUFebt%2Fz8J9Gxf1YoubMwwx7P1GwFU%2BFvOkRlz2KnqLGjDNvGcIEC047C2x4%2Fq3Khh%2FvKpd5g1gvt4wCuRKC0P7YklvZyNGA%2FZnTq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7cd272857d188a6f-NRT
expires: Sat, 27 May 2023 01:20:49 GMT

GET
H2 500 /
t.dtscout.com/i/ Frame BAB7 0
0 378ms
354ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fiframe.php&j=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zM8V8sjj008AhGg11JPR7z6xiQtuQhXUDtFJSsyrJcNX%2F7kUa2KCUIBaeytx%2FhPbTL4IJS8hxkP%2BR0vG5p8Iui1kuxoSP7aV56n8qfHfCJZIBXvWH1NUaMEbWrzbCbRWhIzT8AWsX8ltx7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-s: mtl1
cf-ray: 7cd27285c9671f33-NRT

GET
H2 200 / Show response
whos.amung.us/pingjs/ Frame BAB7 28 B
182 B 263ms
242ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=eywg3mp7fu&t=Ip%3A%20146.70.201.176%20-%20146.70.201.176%20%5BNetflxx-1%5D&c=s&x=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fiframe.php&y=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps&a=0&d=0.275&v=27&r=7874
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57ee62287ec5cb6756eade52389d8faf85cf614e37f956f147af3aac518382d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cd27285c97af68d-NRT
content-type: text/javascript;charset=UTF-8

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame BAB7 18 KB
7 KB 25ms
8ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
server: cloudflare
age: 36928
etag: W/"64109741-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7cd272876dd38a6c-NRT
expires: Mon, 29 May 2023 02:04:26 GMT

GET
DATA 200
OK truncated
/ Frame BAB7 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 398ms
129ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!eywg3mp7fu&lm=5&ts=1685066666215&dn=TC&iso=0&pu=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps&t=Netflix%20-%20My%20Account&chmob=0
Requested by: Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:04:26 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 815 B
2 KB 393ms
130ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!eywg3mp7fu&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e3ba02c6cb8adbc5cd528c68a1b6f15259ec83a91dff31d1b6acdbcca73208b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Fri, 26 May 2023 02:04:25 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 815
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame 6907 343 B
459 B 14ms
7ms Document
text/html 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!eywg3mp7fu&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 179776
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 7cd2728bebe5263e-NRT
content-encoding: gzip
content-type: text/html
date: Fri, 26 May 2023 02:04:26 GMT
etag: W/"64109741-157"
expires: Mon, 29 May 2023 02:04:26 GMT
last-modified: Tue, 14 Mar 2023 15:48:17 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.1&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.1&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mkw0QXFLVDdueDczaVlTYzZDZnpYeGZnelYza1Nicktkcm1MUE5UZE5Cb00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mkw0QXFLVDdueDczaVlTYzZDZnpYeGZnelYza1Nicktkcm1MUE5UZE5Cb00&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESED6vaarOvN0SaFp6332ypAo&google_cver=1

70 B
440 B

7ms
7ms

Image
image/gif

18.176.247.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESED6vaarOvN0SaFp6332ypAo&google_cver=1
Requested by: Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Protocol: HTTP/1.1
Server: 18.176.247.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 26 May 2023 02:04:27 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 02:04:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESED6vaarOvN0SaFp6332ypAo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.3&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=DdDiN2RwE6pHDyI%2FdqLJCA%3D%3D&us_privacy=&33random=1685066666796.3&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmRxTGtxSnhzczhUdEc4U2lZSmpZcklibDJlY3FRYXFsTEZqNE94bnQ4S1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmRxTGtxSnhzczhUdEc4U2lZSmpZcklibDJlY3FRYXFsTEZqNE94bnQ4S1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEO06BTl1-5qINw6u3RiVv0k&google_cver=1

70 B
440 B

8ms
8ms

Image
image/gif

18.176.247.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEO06BTl1-5qINw6u3RiVv0k&google_cver=1
Requested by: Host: pruebascentralinvirzo.com
URL: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
Protocol: HTTP/1.1
Server: 18.176.247.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pruebascentralinvirzo.com/wordpress/wp-content/themes/twentytwentythree/netflix/page.php?resource_url=https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 26 May 2023 02:04:27 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 02:04:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEO06BTl1-5qINw6u3RiVv0k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame 6907 38 KB
12 KB 8ms
2ms Script
text/javascript 99.84.140.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-9.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c36b267e342d19baff1de9a351733ececad5674876ed983144b1599a794e1584

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 21:17:00 GMT
content-encoding: gzip
via: 1.1 9f78e7804f23090eee2a2126385f5d96.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:07:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3
age: 17247
etag: W/"af2c67c9a4173630eff57c282be91151"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: KtX-F4K9GkQfXgI0s4Lbk19cBB-n72hdVFx5ngkWEkiE0Fc35ExZxg==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 6907 235 B
695 B 241ms
100ms XHR
application/json 54.251.223.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.223.244 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-223-244.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 30411b4f01b8a88ed6c9b112f08263ee7173e77463473bb92bde62eb46f6d938

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 May 2023 02:04:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.42.21.251
access-control-allow-credentials: true
content-length: 235
expires: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pruebascentralinvirzo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 13207fff04cdfcbf76332d95ff35e368
.tynt.com/	1970-01-20 20:50:02	Name: uid Value: DdDiN2RwE6pHDyI/dqLJCA==
.tynt.com/	1970-01-20 14:14:02	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1685066666796%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1685066666796%7D%5D
.eyeota.net/	1970-01-20 20:51:29	Name: mako_uid Value: 18855ccd37e-40890000010e516b
.eyeota.net/	1970-01-20 12:04:27	Name: SERVERID Value: 21313~DM
.doubleclick.net/	1970-01-20 21:40:26	Name: IDE Value: AHWqTUnWUbP1sH1jEBnvpji0gnID8pZIqa8cctTXb243KkqF6v-XapRib9bnRwVYNZ8
.crwdcntrl.net/	1970-01-20 18:33:14	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 18:33:14	Name: _cc_id Value: b6cb908882de829dbfdc00172153e165

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fiframe.php&j=https%3A%2F%2Fpruebascentralinvirzo.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fnetflix%2Fpage.php%3Fresource_url%3Dhttps Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bcp.crwdcntrl.net
cdn-tc.33across.com
cdn.tynt.com
cm.g.doubleclick.net
de.tynt.com
ic.tynt.com
maxcdn.bootstrapcdn.com
pruebascentralinvirzo.com
ps.eyeota.net
t.dtscout.com
tags.crwdcntrl.net
use.fontawesome.com
waust.at
whos.amung.us
104.18.36.173
142.250.207.2
162.214.119.187
172.64.152.222
18.176.247.126
2404:6800:4004:80f::200a
2606:4700:10::ac43:88d
2606:4700:20::681a:407
2606:4700:21::8d65:780b
2606:4700::6812:acf
2606:4700:e2::ac40:840f
54.251.223.244
67.202.105.33
67.202.105.34
99.84.140.9
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
30411b4f01b8a88ed6c9b112f08263ee7173e77463473bb92bde62eb46f6d938
3ae86d788a7781c2fc29f96412178d2833578baa11e3b3bff988d8442d28d5bd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5c05d002230b0f4799e37cc907dfa5e10d737808f5fc7da57c44878eea443226
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7716798279a37367a1c1b98b9cb340e822b714aa3d41887829b19f317cc9b00b
7b3370dacb6abbca6fef5e005a155bfd4121467a84007fe2fec23df37cd13564
8191e57a7677ccf16deb6ebc3647f80affccdf1cc8ebc5f8e5e432d6007f1792
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b57ee62287ec5cb6756eade52389d8faf85cf614e37f956f147af3aac518382d
c36b267e342d19baff1de9a351733ececad5674876ed983144b1599a794e1584
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3ba02c6cb8adbc5cd528c68a1b6f15259ec83a91dff31d1b6acdbcca73208b5
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

pruebascentralinvirzo.com Open in urlscan Pro 162.214.119.187 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

90 %HTTPS

40 %IPv6

12 Domains

15 Subdomains

15 IPs

5 Countries

357 kBTransfer

990 kBSize

8 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

pruebascentralinvirzo.com Open in urlscan Pro
162.214.119.187 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

40 %
IPv6

12
Domains

15
Subdomains

15
IPs

5
Countries

357 kB
Transfer

990 kB
Size

8
Cookies

20 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!