Submitted URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987#:~:text=https%3A//-,netguard%2Dkyc.com,-Additio...
Effective URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Submission: On August 14 via manual from AU — Scanned from NZ

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2606:4700:10::6816:20ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.phishportal.com.
TLS certificate: Issued by E1 on July 24th 2023. Valid for: 3 months.
This is the only time www.phishportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:10:... 13335 (CLOUDFLAR...)
17 1
Apex Domain
Subdomains
Transfer
17 phishportal.com
www.phishportal.com
181 KB
17 1
Domain Requested by
17 www.phishportal.com www.phishportal.com
17 1

This site contains links to these domains. Also see Links.

Domain
www.fraudwatchinternational.com
Subject Issuer Validity Valid
phishportal.com
E1
2023-07-24 -
2023-10-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Frame ID: 317B98FF66F618FACC1E833BC53F2F97
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Login - PhishPortal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

181 kB
Transfer

718 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request show
www.phishportal.com/admin/fwimp/incidents/
5 KB
2 KB
Document
General
Full URL
https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29fde54d34c5fe3c81bd60c7237d01c161bd66d02bf11c41ed9ad8d520e5259e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f6cad91fa091c5f-AKL
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 22:36:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
bootstrap.min.css
www.phishportal.com/themes/fwimp/css/
98 KB
17 KB
Stylesheet
General
Full URL
https://www.phishportal.com/themes/fwimp/css/bootstrap.min.css
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a6e270d3fb8ea163be2933d58a8e1524148b56ed22a3f0e72a2a08d822dae6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
17160
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"1867a-5fbc8a4366a89-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd431c5f-AKL
components.css
www.phishportal.com/themes/fwimp/css/
331 KB
36 KB
Stylesheet
General
Full URL
https://www.phishportal.com/themes/fwimp/css/components.css
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963c53b0fc57420a962c901fca6dc8365ca335a0d913a2272d05d60c04794173
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
37099
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"52ddc-5fbc8a4366a89-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd471c5f-AKL
darkblue.css
www.phishportal.com/themes/fwimp/css/
41 KB
4 KB
Stylesheet
General
Full URL
https://www.phishportal.com/themes/fwimp/css/darkblue.css
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bcc43b1b5607f6f74c536aa395f20a3d5d3aaa78217aaa1a935e7ee31aac8c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
4178
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"a4ce-5fbc8a4366a89-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd4a1c5f-AKL
signin.css
www.phishportal.com/themes/fwimp/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.phishportal.com/themes/fwimp/css/signin.css
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c320d6f8017ff96dcb1a3b77a81faae22162ef2722739d73bf4fb01eeca172
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
1148
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"10e0-5fbc8a4366a89-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd4c1c5f-AKL
core.util.js
www.phishportal.com/js/
7 KB
3 KB
Script
General
Full URL
https://www.phishportal.com/js/core.util.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a73ad5ef63447db82a3586363a25e91350f12d7db1770851a2fd0312fa5390
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
2726
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"1de3-5fbc8a42ee8aa-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd4d1c5f-AKL
jquery-3.1.1.min.js
www.phishportal.com/js/
85 KB
29 KB
Script
General
Full URL
https://www.phishportal.com/js/jquery-3.1.1.min.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f2c86bfe7ee21b7909359e9482891dfe0afad7308c0468ce9ecdfcadc20297
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
30086
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"152c0-5fbc8a42ef84a-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd501c5f-AKL
jquery-migrate-3.1.0.min.js
www.phishportal.com/js/
9 KB
3 KB
Script
General
Full URL
https://www.phishportal.com/js/jquery-migrate-3.1.0.min.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4e2ded272ce00d1a6969ebe5eb38944206031221822825c53a5bde72ad11f6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
3290
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"231d-5fbc8a42ef84a-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd521c5f-AKL
jquery.cookie.js
www.phishportal.com/js/
4 KB
1 KB
Script
General
Full URL
https://www.phishportal.com/js/jquery.cookie.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed4b98a29b8104ee0724dbba59b54db9181197ee1ebcad1ba2351c09bad7edc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
1326
referrer-policy
no-referrer
last-modified
Thu, 20 Apr 2023 05:17:30 GMT
server
cloudflare
etag
"f11-5f9bda8431327-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd531c5f-AKL
jquery.autocomplete.js
www.phishportal.com/js/
13 KB
4 KB
Script
General
Full URL
https://www.phishportal.com/js/jquery.autocomplete.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ce594335217344603708092f5e9ac0e28c27c057c51c6c9905c9052ae1eb5f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
4274
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"35cc-5fbc8a42ef84a-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd561c5f-AKL
generic-autocomplete.js
www.phishportal.com/js/
1 KB
765 B
Script
General
Full URL
https://www.phishportal.com/js/generic-autocomplete.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d07e51736d65259b59b5be15b2c919854dbac4948d8a146d375a1a48797d7e7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
645
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"5e2-5fbc8a42ee8aa-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad93cd581c5f-AKL
bazooka.admin.js
www.phishportal.com/js/
51 KB
14 KB
Script
General
Full URL
https://www.phishportal.com/js/bazooka.admin.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b0550f0ae73d2bc4fbecc1231b7f511f32b0a13dde7545f7a495b253260b8a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
13957
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"cbd4-5fbc8a42ee8aa-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad947e6c1c5f-AKL
validate.login.js
www.phishportal.com/js/
551 B
365 B
Script
General
Full URL
https://www.phishportal.com/js/validate.login.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb4aab19dfe0c99a9eb0ad75c4c5e1c1f6da8ee48ae4d13a3252e89c18a0a82
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
280
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"227-5fbc8a42f36ca-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad947e6e1c5f-AKL
display.js
www.phishportal.com/themes/fwimp/js/
4 KB
1 KB
Script
General
Full URL
https://www.phishportal.com/themes/fwimp/js/display.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3401c53e2f3e46198f9c0c7d196c104a0ccd630992c84eeec81bb2899831316
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
1341
referrer-policy
no-referrer
last-modified
Thu, 20 Apr 2023 05:17:32 GMT
server
cloudflare
etag
"fb4-5f9bda85bbbb2-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad947e711c5f-AKL
adminutils.js
www.phishportal.com/themes/fwimp/js/
2 KB
1 KB
Script
General
Full URL
https://www.phishportal.com/themes/fwimp/js/adminutils.js?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41ddbcf63fe2c91dc53c7731876c9f47d58a5bae98f4e24bfb4174d13fe05e4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
1076
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"99b-5fbc8a4372609-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad947e721c5f-AKL
review-section.css
www.phishportal.com/themes/fwimp/css/
283 B
274 B
Stylesheet
General
Full URL
https://www.phishportal.com/themes/fwimp/css/review-section.css?v=TestTag-3960-ge89ce3038
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a103209e56b4ca489aa7f1c37a7ffa4e207e2ed720c3e9fa8b1e8b85f15890
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
cf-cache-status
DYNAMIC
content-encoding
gzip
content-length
188
referrer-policy
no-referrer
last-modified
Tue, 16 May 2023 05:14:10 GMT
server
cloudflare
etag
"11b-5fbc8a4366a89-gzip"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad947e741c5f-AKL
logo-fwi.png
www.phishportal.com/themes/fwimp/images/
61 KB
61 KB
Image
General
Full URL
https://www.phishportal.com/themes/fwimp/images/logo-fwi.png?v=1.1
Requested by
Host: www.phishportal.com
URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1a8907ec59502598cd08f29881293466a1982c7a680947e2efaf1e4f6e46a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 22:36:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
last-modified
Tue, 16 May 2023 05:14:10 GMT
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
server
cloudflare
etag
"f4e4-5fbc8a436f729"
x-frame-options
DENY
content-type
image/png
permissions-policy
sync-xhr=(self), sync-script=(self), encrypted-media=(self), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=()
accept-ranges
bytes
cf-ray
7f6cad9679da1c5f-AKL
content-length
62692

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| noIframe string| URL_CMSROOT function| addLoadEvent function| addResizeEvent function| addEvent function| showWindow function| submitFormToWindow function| setFocus function| getObject function| getStyleObject function| toggleLayer function| showLayer function| hideLayer function| writeEmbed function| writeFlash function| writeShockWave function| writeQuickTime function| writeRealMedia function| writeWindowsMedia function| $ function| jQuery function| GenericAutoComplete string| urlHelpRoot number| scrollTimerID function| selectMenuItem function| showRibbon function| checkScroll function| ribbonScroll function| loadHtml

2 Cookies

Domain/Path Name / Value
www.phishportal.com/ Name: PHPSESSID
Value: 0t8epp2uo4i1rs2g351j76sf3o
www.phishportal.com/ Name: menuSection
Value: %22PhishPortal%22

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.
network error URL: https://www.phishportal.com/admin/fwimp/incidents/show?incidentId=SGU-772987#:~:text=https%3A//-,netguard%2Dkyc.com,-Additional%20URLs
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; object-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY