additive-conseil.fr
2001:bc8:4::3  Malicious Activity! Public Scan

Submitted URL: https://objectstorage.us-ashburn-1.oraclecloud.com/p/nyYeDcUqQbMp61adSmP7k0ALWJXt7DNnOQ4A6TXr1MNAYKz_codvwsmMZOOuyrNc/n/idiodagmlroe/b/b4d1a1e7-d03...
Effective URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Submission: On June 01 via manual from US

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2001:bc8:4::3, located in France and belongs to Online SAS, FR. The main domain is additive-conseil.fr.
This is the only time additive-conseil.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
1 134.70.24.1 31898 (ORACLE-BM...)
2 3 2001:bc8:4::3 12876 (Online SAS)
7 2a00:86c0:209... 40027 (NETFLIX-ASN)
1 62.210.16.62 12876 (Online SAS)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
19 7

Domain Requested by
6 cdn.cookielaw.org | additive-conseil.fr, cdn.cookielaw.org
4 codex.nflxext.com | additive-conseil.fr
3 assets.nflxext.com | additive-conseil.fr, codex.nflxext.com
3 additive-conseil.fr (2 redirects) | additive-conseil.fr
1 geolocation.onetrust.com | cdn.cookielaw.org
1 www.additive-conseil.fr | additive-conseil.fr
1 objectstorage.us-ashburn-1.oraclecloud.com
19 7

This site contains links to these domains.

Domain
policies.google.com
help.netflix.com
optout.aboutads.info
onetrust.com

Subject | Issuer | Validity | Valid
objectstorage.us-ashburn-1.oraclecloud.com | DigiCert SHA2 Secure Server CA | 2020-04-23 - 2021-06-22 | a year
*.1.nflxso.net | DigiCert SHA2 Secure Server CA | 2021-05-15 - 2021-06-15 | a month
additive-conseil.fr | R3 | 2021-04-20 - 2021-07-19 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2021-02-12 - 2022-02-11 | a year

This page contains 1 frames:

Primary Page: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Frame ID: EC5DCEF479F04377BA2E865B56DCFAD4
Requests: 19 HTTP requests in this frame

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 67 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 841 kB
Size: 2106 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://objectstorage.us-ashburn-1.oraclecloud.com/p/nyYeDcUqQbMp61adSmP7k0ALWJXt7DNnOQ4A6TXr1MNAYKz_codvwsmMZOOuyrNc/n/idiodagmlroe/b/b4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900de/o/b4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900de/000000000000000000000000000000000000000000 Page URL
  2. http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login HTTP 301
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login HTTP 301
  • https://www.additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Request Chain 9
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login HTTP 301
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Request Chain 10
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1 HTTP 301
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
000000000000000000000000000000000000000000
objectstorage.us-ashburn-1.oraclecloud.com/p/nyYeDcUqQbMp61adSmP7k0ALWJXt7DNnOQ4A6TXr1MNAYKz_codvwsmMZOOuyrNc/n/idiodagmlroe/b/b4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900...
201 B
1 KB
Document
General
Full URL
https://objectstorage.us-ashburn-1.oraclecloud.com/p/nyYeDcUqQbMp61adSmP7k0ALWJXt7DNnOQ4A6TXr1MNAYKz_codvwsmMZOOuyrNc/n/idiodagmlroe/b/b4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900de/o/b4d1a1e7-d03e-4035-b910-b8d6d09900deb4d1a1e7-d03e-4035-b910-b8d6d09900de/000000000000000000000000000000000000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.70.24.1 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
a3e58f09a57da5c716b830397396ccdbd247ee7e9688ebe997cfc6893a3e8c9e

Request headers

Host
objectstorage.us-ashburn-1.oraclecloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

accept-ranges
bytes
Content-Length
201
content-md5
RGIFfy1FJRfR6amY+78+1A==
last-modified
Fri, 28 May 2021 07:50:57 GMT
etag
9f800dfe-e802-4395-a454-b048682075b4
version-id
c94a7544-1b7d-45b5-9303-c1d0ae6f2c6c
storage-tier
Standard
Content-Type
text/html
date
Tue, 01 Jun 2021 16:30:57 GMT
opc-request-id
iad-1:jNJJXuWOwpAhhPbT94EqGcngLOjr1QdxlSV5ntgSP7dGipSK6oahFadYmz1uAz2o
x-api-id
native
access-control-allow-origin
*
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-credentials
true
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Primary Request login.php
additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/
199 KB
34 KB
Document
General
Full URL
http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Server
2001:bc8:4::3 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx / PHP/7.3.16
Resource Hash
6cf1725c6bf472e8a1e23e8fb8c30a77c9d16acaba39656c378559e2a28ccbd9

Request headers

Host
additive-conseil.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 01 Jun 2021 16:30:57 GMT
Content-Type
text/html; charset-UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.16
Vary
Accept-Encoding
Content-Encoding
gzip
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9ea20e9d/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b2H3i022V2M2X052I303h070m003j2_3d2S322Y3c2O31340a013e0O/bck/true/
9 KB
4 KB
Script
General
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9ea20e9d/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b2H3i022V2M2X052I303h070m003j2_3d2S322Y3c2O31340a013e0O/bck/true/none
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9b78b8b5f9f92d78da5310000708c14ac0c3e27cc5d1450d1a8ed963c289474a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
d41c47b6-00f2-4d10-9d8c-ab6667b11bbd
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
3643
Expires
Fri, 03 Dec 2021 20:29:12 GMT
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9ea20e9d/js/js/components%7Clogin%7CloginControllerClient.js/2/0b2H3i022V2M2X052I303h070m003j2_3d2S322Y3c2O31340a013e0O/l/true/
896 KB
272 KB
Script
General
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9ea20e9d/js/js/components%7Clogin%7CloginControllerClient.js/2/0b2H3i022V2M2X052I303h070m003j2_3d2S322Y3c2O31340a013e0O/l/true/none
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0c217819352260f17503b87d07a592584409bb14b7f9817cb501cff48bb0cafb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
8660a498-f534-4b1b-8af8-72a80bb42cb5
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
278310
Expires
Fri, 03 Dec 2021 20:28:59 GMT
WebsiteDetect
www.additive-conseil.fr/personalization/cl2/freeform/
Redirect Chain
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
  • https://www.additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
0
0
Stylesheet
General
Full URL
https://www.additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS
pf-lb-2.online.net
Software
/
Resource Hash

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Tue, 01 Jun 2021 16:30:58 GMT
server
nginx
X-Powered-By
PHP/7.3.16
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://www.additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
17 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://additive-conseil.fr
Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
H8Znzy3Akix+HhQXpXQuNw==
age
5428
vary
Accept-Encoding
content-length
5809
cf-request-id
0a6a030d40000097de58af8000000001
x-ms-lease-status
unlocked
last-modified
Mon, 31 May 2021 01:45:10 GMT
server
cloudflare
etag
0x8D923D5BA342B8A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3d5459c4-601e-0081-5d92-567ab1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d45b9a7a97de-FRA
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9ea20e9d/css/css/less%7Ccore%7Cerror-page.less/1/ayuCwJ4Hsv9BGI/none/true/
11 KB
3 KB
Stylesheet
General
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9ea20e9d/css/css/less%7Ccore%7Cerror-page.less/1/ayuCwJ4Hsv9BGI/none/true/none
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
aa9fb4c7-b1e2-4910-8a03-da78ee564697
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
2595
Expires
Mon, 29 Nov 2021 17:24:19 GMT
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9ea20e9d/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/ayuCwJ4Hsv9BGI/none/true/
132 KB
22 KB
Stylesheet
General
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9ea20e9d/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/ayuCwJ4Hsv9BGI/none/true/none
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4b27429d411b25e69d402d57928be186a16ece667fd2a68ea3556802a3b6690b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
3d6d2cf6-5de1-4a12-af19-0318245502df
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
21827
Expires
Mon, 29 Nov 2021 17:23:37 GMT
FR-en-20210524-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/8dc3f88b-a96a-4d8a-af9a-a69e6f3b2506/bb7a5118-ab49-46b1-b42f-d254cdebf2ba/
323 KB
323 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/vlv3/8dc3f88b-a96a-4d8a-af9a-a69e6f3b2506/bb7a5118-ab49-46b1-b42f-d254cdebf2ba/FR-en-20210524-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8fe6aa483e3c9d132bca6cb76b2b8caa4c37757981d7cb3bce26c79035baef35

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Last-Modified
Wed, 26 May 2021 14:23:13 GMT
Server
nginx
Content-MD5
LHCA5QgSz/RraYZ+9mpLrQ==
Content-Type
image/jpeg
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
330305
Expires
Wed, 02 Jun 2021 16:19:28 GMT
FB-f-Logo__blue_57.png
assets.nflxext.com/ffe/siteui/login/images/
1 KB
2 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/login/images/FB-f-Logo__blue_57.png
Requested by
Host: additive-conseil.fr
URL: http://additive-conseil.fr/Netflix.com.au/Support/Account/activation/update/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:57 GMT
Last-Modified
Thu, 30 Jun 2016 17:48:49 GMT
Server
nginx
Content-MD5
ozykfvEQtuPsUIa4d2QH0w==
Content-Type
image/png
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1455
Expires
Tue, 01 Sep 2020 03:45:12 GMT
WebsiteDetect
additive-conseil.fr/personalization/cl2/freeform/
Redirect Chain
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
0
0

WebsiteScreen
additive-conseil.fr/personalization/cl2/freeform/
Redirect Chain
  • http://additive-conseil.fr/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1
  • https://additive-conseil.fr/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1
0
0

87b6a5c0-0104-4e96-a291-092c11350111.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722171182a1f656e8d502dd5ed5708d5315b1b281536777b78242fb408e0ed9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9ewFVvLrzQ8zjABYc0Hj7Q==
age
1570
vary
Accept-Encoding
content-length
1558
cf-request-id
0a6a03138e000097de1eb03000000001
x-ms-lease-status
unlocked
last-modified
Wed, 19 May 2021 23:30:43 GMT
server
cloudflare
etag
0x8D91B1E1EF6A6BC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d5a35c2e-801e-00ed-1416-4dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d465a95697de-FRA
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/
72 KB
72 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9ea20e9d/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/ayuCwJ4Hsv9BGI/none/true/none
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Origin
http://additive-conseil.fr
Referer
https://codex.nflxext.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 16:30:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73566
Expires
Sun, 06 Sep 2020 03:01:35 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
407 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 16:30:59 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6589d468086c05d0-FRA
cf-request-id
0a6a031507000005d0b0a9a000000001
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.6.0/
338 KB
72 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://additive-conseil.fr
Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
vary
Accept-Encoding
content-length
73082
cf-request-id
0a6a03153b000097de520ff000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:33 GMT
server
cloudflare
etag
0x8D85529F2EBAD26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55d1e78e-801e-002a-5603-57ada3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d4683b1797de-FRA
expires
Wed, 09 Jun 2021 16:31:00 GMT
en.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/
35 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5423ee8c983864788ec228f7d57bd875c11cc5af4a517f13ef3501366111a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YiCnSRyQBuLCH02A7uJEnw==
age
1139
vary
Accept-Encoding
content-length
11099
cf-request-id
0a6a03161a000097de30b78000000001
x-ms-lease-status
unlocked
last-modified
Wed, 19 May 2021 23:30:49 GMT
server
cloudflare
etag
0x8D91B1E22D3DA3A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
37c5818f-c01e-0062-5616-4d9f3e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d469cc0c97de-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
R7qOr1WClmhADOzbz5s+Bw==
vary
Accept-Encoding
content-length
3248
cf-request-id
0a6a03165c000097de36861000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:24 GMT
server
cloudflare
etag
0x8D85529EDFDCA3B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b561c4c9-e01e-0057-3f03-57316b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d46a2c4597de-FRA
expires
Wed, 09 Jun 2021 16:31:00 GMT
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/
57 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://additive-conseil.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 01 Jun 2021 16:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
vary
Accept-Encoding
content-length
14112
cf-request-id
0a6a03165c000097de1b2be000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:26 GMT
server
cloudflare
etag
0x8D85529EEE93F94
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d8f369d0-701e-0119-7603-57b2db000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6589d46a2c4697de-FRA
expires
Wed, 09 Jun 2021 16:31:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
additive-conseil.fr
URL
https://additive-conseil.fr/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Domain
additive-conseil.fr
URL
https://additive-conseil.fr/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| OneTrustStub
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
function| OptanonWrapper
object| netflix
object| Codex
object| C
object| global
object| process
object| util
function| jQuery
function| jsonFeed
object| otStubData
object| Optanon
object| OneTrust

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
