btc.netflex.ovh Open in urlscan Pro
176.133.76.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://btc.netflex.ovh/
Effective URL:
http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Submission Tags: @phishunt_io
Submission: On August 27 via api (August 27th 2023, 8:25:25 pm UTC) from DE — Scanned from FR

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 176.133.76.105, located in Cysoing, France and belongs to BOUYGTEL-ISP, FR. The main domain is btc.netflex.ovh.

This is the only time btc.netflex.ovh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	176.133.76.105 176.133.76.105	5410 (BOUYGTEL-ISP) (BOUYGTEL-ISP)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
8	2

8 176.133.76.105 (Cysoing, France) 1 redirects

ASN5410 (BOUYGTEL-ISP, FR)
PTR: 176-133-76-105.abo.bbox.fr

btc.netflex.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

getumbrel.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	netflex.ovh 1 redirects btc.netflex.ovh	2 MB
1	github.io getumbrel.github.io	196 KB
8	2

	Domain	Requested by
8	btc.netflex.ovh	1 redirects btc.netflex.ovh
1	getumbrel.github.io
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Frame ID: 98173D55DD3D6E00FE7830747B7AA1A5
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Umbrel

Page URL History Show full URLs

https://btc.netflex.ovh/ HTTP 302
http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

8
Requests

13 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2254 kB
Transfer

2315 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://btc.netflex.ovh/ HTTP 302
http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
btc.netflex.ovh/
Redirect Chain

https://btc.netflex.ovh/
http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F

899 B
1 KB

1275ms
941ms

Document
text/html

176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: 932404e54e5433c35d5e90db14b71dcade220a75a4761608f69e177b50efbbbb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 899
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Aug 2023 20:25:17 GMT
ETag: W/"383-181fc3045d8"
Keep-Alive: timeout=5
Last-Modified: Thu, 14 Jul 2022 10:10:31 GMT

Redirect headers

content-length: 182
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 20:25:16 GMT
location: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
server: nginx
vary: Accept

GET
H/1.1 200
OK app.65f6aa45.css
btc.netflex.ovh/css/ 293 KB
293 KB 1001ms
1000ms Stylesheet
text/css 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/css/app.65f6aa45.css
Requested by: Host: btc.netflex.ovh
URL: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: e2b6071a5de091b100773e82a40da2ee709ae1d83a9d0681cd54ef94d3f07c91

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:18 GMT
Last-Modified: Thu, 14 Jul 2022 10:10:31 GMT
ETag: W/"493fc-181fc3045d8"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 300028

GET
H/1.1 200
OK app.ab94624e.js Show response
btc.netflex.ovh/js/ 29 KB
29 KB 999ms
999ms Script
application/javascript 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/js/app.ab94624e.js
Requested by: Host: btc.netflex.ovh
URL: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: 85fd1716fca1b01f99c800b1902bf071c469973c6c4298db76f13e6206776b50

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:18 GMT
Last-Modified: Thu, 14 Jul 2022 10:10:31 GMT
ETag: W/"740a-181fc3045d8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 29706

GET
H/1.1 200
OK chunk-vendors.5ff0ba32.js Show response
btc.netflex.ovh/js/ 1 MB
1 MB 1142ms
812ms Script
application/javascript 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/js/chunk-vendors.5ff0ba32.js
Requested by: Host: btc.netflex.ovh
URL: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: 5a1370056bac781bc3bcb4919a6aba41078bb4e128d096284086e27ea94eedfe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:18 GMT
Last-Modified: Thu, 14 Jul 2022 10:10:31 GMT
ETag: W/"150555-181fc3045d8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1377621

GET
H/1.1 200
OK wallpaper Show response
btc.netflex.ovh/v1/account/ 0
163 B 155ms
154ms XHR
text/plain 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/v1/account/wallpaper
Requested by: Host: btc.netflex.ovh
URL: http://btc.netflex.ovh:2000/js/chunk-vendors.5ff0ba32.js
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:19 GMT
Connection: keep-alive
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Content-Length: 0
Keep-Alive: timeout=5

GET
H/1.1 200
OK apps Show response
btc.netflex.ovh/v1/ 38 B
250 B 153ms
153ms XHR
application/json 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to

Full URL: http://btc.netflex.ovh:2000/v1/apps?origin=host&app=bitcoin&path=%2F
Requested by: Host: btc.netflex.ovh
URL: http://btc.netflex.ovh:2000/js/chunk-vendors.5ff0ba32.js
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: d673382e92f2aa9be31391c13a00d754d075147270a670bad1afa306c2d9e163

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:19 GMT
Connection: keep-alive
ETag: W/"26-BCVXMjHjNt2e/rv9njqFGAGnL4c"
Content-Length: 38
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

GET
H2 200 icon.svg
getumbrel.github.io/umbrel-apps-gallery/bitcoin/ 259 KB
196 KB 74ms
20ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getumbrel.github.io/umbrel-apps-gallery/bitcoin/icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

06229da982bc61ff8a245defc2b33f9d3f0d832b0e1ffe6fe4e4b3a4f94d39b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-fastly-request-id: a6fc9e7bc964e609bc78884675b33afd519a62fa
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Aug 2023 20:25:19 GMT
age: 233
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 200172
x-served-by: cache-lcy-eglc8600056-LCY
last-modified: Wed, 16 Aug 2023 21:19:16 GMT
server: GitHub.com
x-github-request-id: 9D48:131A:3DDF11:3F58CA:64EBA6E4
x-timer: S1693167920.552962,VS0,VE2
etag: W/"64dd3d54-40b59"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 27 Aug 2023 19:51:24 GMT

GET
H/1.1 200
OK 1.jpg
btc.netflex.ovh/wallpapers/ 388 KB
388 KB 58ms
58ms Image
image/jpeg 176.133.76.105
BOUYGTEL-ISP

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://btc.netflex.ovh:2000/wallpapers/1.jpg
Protocol: HTTP/1.1
Server: 176.133.76.105 Cysoing, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS: 176-133-76-105.abo.bbox.fr
Software: /
Resource Hash: a981e4807e9a5ddf582ed6f54251a29ec1e963308252693b368e10e42e67bebb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://btc.netflex.ovh:2000/?origin=host&app=bitcoin&path=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:25:19 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btc.netflex.ovh
getumbrel.github.io
176.133.76.105
2606:50c0:8003::153
06229da982bc61ff8a245defc2b33f9d3f0d832b0e1ffe6fe4e4b3a4f94d39b4
5a1370056bac781bc3bcb4919a6aba41078bb4e128d096284086e27ea94eedfe
85fd1716fca1b01f99c800b1902bf071c469973c6c4298db76f13e6206776b50
932404e54e5433c35d5e90db14b71dcade220a75a4761608f69e177b50efbbbb
a981e4807e9a5ddf582ed6f54251a29ec1e963308252693b368e10e42e67bebb
d673382e92f2aa9be31391c13a00d754d075147270a670bad1afa306c2d9e163
e2b6071a5de091b100773e82a40da2ee709ae1d83a9d0681cd54ef94d3f07c91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

btc.netflex.ovh Open in urlscan Pro 176.133.76.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

13 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

2254 kBTransfer

2315 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

btc.netflex.ovh Open in urlscan Pro
176.133.76.105 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2254 kB
Transfer

2315 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions