netfilx.xyz - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3034::681c:1eec, located in United States and belongs to CLOUDFLARENET, US. The main domain is netfilx.xyz.

This is the only time netfilx.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::681c:1eec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	220.242.139.165 220.242.139.165	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	119.23.165.163 119.23.165.163	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
7	4

3 2606:4700:3034::681c:1eec (United States)

ASN13335 (CLOUDFLARENET, US)

netfilx.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.242.139.165 (Netherlands)

ASN54994 (QUANTILNETWORKS, US)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.23.165.163 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.zcb98.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	51.la js.users.51.la ia.51.la	4 KB
3	netfilx.xyz netfilx.xyz	3 KB
1	zcb98.com www.zcb98.com
7	3

	Domain	Requested by
3	netfilx.xyz	netfilx.xyz
2	ia.51.la	netfilx.xyz
1	www.zcb98.com	netfilx.xyz
1	js.users.51.la	netfilx.xyz
7	4

This site contains links to these domains. Also see Links.

Domain
www.51.la

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh
zcb98.com Encryption Everywhere DV TLS CA - G1	`2019-03-29` - `2020-03-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://netfilx.xyz/
Frame ID: 62659B959A29A0C29D188E3647AACF7A
Requests: 4 HTTP requests in this frame

Frame: https://www.zcb98.com/bts/eyJwIjoiaHQwMTEiLCJjIjoiNjAwMDQ0IiwibSI6IndhcCJ9.jsp
Frame ID: B587BC9706DA4ECE47FCFB1BCF327BE0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

7
Requests

29 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

7 kB
Transfer

10 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.51.la/?20508603

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response netfilx.xyz/	2 KB 2 KB	599ms 572ms	Document text/html	2606:4700:3034::681c:1eec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://netfilx.xyz/ Protocol HTTP/1.1 Server 2606:4700:3034::681c:1eec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58e77625cfb7120a5041b070293a24203efc8d45c921e9b3ff17b97f2160db89` Request headers Host netfilx.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 01 Mar 2020 19:13:03 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d88b90ce3a936b5409a6128552506f5481583089982; expires=Tue, 31-Mar-20 19:13:02 GMT; path=/; domain=.netfilx.xyz; HttpOnly; SameSite=Lax Last-Modified Thu, 26 Dec 2019 12:53:48 GMT Vary Accept-Encoding CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 56d53166ea53d6cd-FRA Content-Encoding gzip
GET H/1.1	200 OK	20508603.js Show response js.users.51.la/	5 KB 3 KB	573ms 533ms	Script application/javascript	220.242.139.165 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/20508603.js Requested by Host: netfilx.xyz URL: http://netfilx.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 220.242.139.165 , Netherlands, ASN54994 (QUANTILNETWORKS, US), Reverse DNS Software nginx/1.14.0 / Resource Hash `574c73b8f89ccd6a44988f6f99472c25409e7be2ede36e650d76f09485379a10` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-id 20508603 Date Sun, 01 Mar 2020 19:13:03 GMT Content-Encoding gzip Transfer-Encoding chunked X-Via 1.1 PSxgHKG8rt113:9 (Cdn Cache Server V2.0)[28 200 2], 1.1 ld84:6 (Cdn Cache Server V2.0)[430 200 2], 1.1 PShlamstdAMS1uw80:5 (Cdn Cache Server V2.0)[516 200 2] Content-Disposition inline;filename=f.txt Connection keep-alive Request-Id 000001709784200B9414C15FFC18CF78 x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAc5wRO8JO38cr8GoykYveF0LIgDODA Last-Modified Wed Nov 27 23:15:47 CST 2019 Server nginx/1.14.0 ETag "173d73646b8f080c4072665fc2d0fb2e" Vary Accept-Encoding Content-Type application/javascript;charset=UTF-8 version-id G001116EAD6EC0CBFFFF905321250B3C
GET H/1.1	200	go1 ia.51.la/	0 255 B	618ms 601ms	Image application/octet-stream	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=20508603&pvFlag=1 Requested by Host: netfilx.xyz URL: http://netfilx.xyz/ Protocol HTTP/1.1 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 01 Mar 2020 19:13:03 GMT Server CloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H/1.1	200 OK	auto.html Show response netfilx.xyz/ Frame B587	1 KB 1004 B	549ms 548ms	Document text/html	2606:4700:3034::681c:1eec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://netfilx.xyz/auto.html Requested by Host: netfilx.xyz URL: http://netfilx.xyz/ Protocol HTTP/1.1 Server 2606:4700:3034::681c:1eec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5bd16bf842364808dd001609550ab936ee8f19547628848f940d77607f4b753` Request headers Host netfilx.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=d88b90ce3a936b5409a6128552506f5481583089982 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 01 Mar 2020 19:13:03 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Mon, 01 Apr 2019 14:55:34 GMT Vary Accept-Encoding CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 56d5316a9f12d6cd-FRA Content-Encoding gzip
GET H/1.1	200 OK	h5.html Show response netfilx.xyz/ Frame B587	1 KB 740 B	546ms 546ms	Document text/html	2606:4700:3034::681c:1eec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://netfilx.xyz/h5.html Requested by Host: netfilx.xyz URL: http://netfilx.xyz/auto.html Protocol HTTP/1.1 Server 2606:4700:3034::681c:1eec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fd2f78193ed0d73b8049a1ad1d6781c477a3c91e8c643ae41b691089da14a915` Request headers Host netfilx.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://netfilx.xyz/auto.html Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=d88b90ce3a936b5409a6128552506f5481583089982 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://netfilx.xyz/auto.html Response headers Date Sun, 01 Mar 2020 19:13:04 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Mon, 10 Jun 2019 16:01:38 GMT Vary Accept-Encoding CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 56d5316e0a3ed6cd-FRA Content-Encoding gzip
GET H/1.1	200	go1 ia.51.la/	0 255 B	661ms 641ms	Image application/octet-stream	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=20508603&rt=1583089983701&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1583089983701&tt=&kw=&cu=http%253A%252F%252Fnetfilx.xyz%252F%25231583089983141&pu= Requested by* Host: netfilx.xyz URL: http://netfilx.xyz/ Protocol HTTP/1.1 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 01 Mar 2020 19:13:04 GMT Server CloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H2	200	eyJwIjoiaHQwMTEiLCJjIjoiNjAwMDQ0IiwibSI6IndhcCJ9.jsp www.zcb98.com/bts/ Frame B587	0 0	7440ms 880ms	Document text/html	119.23.165.163 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://www.zcb98.com/bts/eyJwIjoiaHQwMTEiLCJjIjoiNjAwMDQ0IiwibSI6IndhcCJ9.jsp Requested by Host: netfilx.xyz URL: http://netfilx.xyz/h5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 119.23.165.163 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Tengine / PHP/5.6.38 Resource Hash Request headers :method GET :authority www.zcb98.com :scheme https :path /bts/eyJwIjoiaHQwMTEiLCJjIjoiNjAwMDQ0IiwibSI6IndhcCJ9.jsp pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer http://netfilx.xyz/h5.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer http://netfilx.xyz/h5.html Response headers status 200 server Tengine date Sun, 01 Mar 2020 19:13:11 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding x-powered-by PHP/5.6.38 expires Mon, 02 Mar 2020 07:13:11 GMT cache-control max-age=43200 x-cache MISS content-encoding gzip

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
netfilx.xyz
www.zcb98.com
119.23.165.163
183.131.207.66
220.242.139.165
2606:4700:3034::681c:1eec
574c73b8f89ccd6a44988f6f99472c25409e7be2ede36e650d76f09485379a10
58e77625cfb7120a5041b070293a24203efc8d45c921e9b3ff17b97f2160db89
a5bd16bf842364808dd001609550ab936ee8f19547628848f940d77607f4b753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd2f78193ed0d73b8049a1ad1d6781c477a3c91e8c643ae41b691089da14a915

netfilx.xyz Open in urlscan Pro 2606:4700:3034::681c:1eec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

29 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

7 kBTransfer

10 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

netfilx.xyz Open in urlscan Pro
2606:4700:3034::681c:1eec Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

29 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

7 kB
Transfer

10 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions