phishing.eset.com Open in urlscan Pro
91.228.165.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phishing.eset.com/
Effective URL:
https://phishing.eset.com/en-us/report
Submission Tags: @phish_report
Submission: On October 24 via api (October 24th 2024, 7:04:56 pm UTC) from FI — Scanned from SE

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 91.228.165.98, located in Slovakia and belongs to ESET-AS, SK. The main domain is phishing.eset.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 20th 2023. Valid for: a year.

This is the only time phishing.eset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	91.228.165.98 91.228.165.98	50881 (ESET-AS) (ESET-AS)
3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
20	5

14 91.228.165.98 (Slovakia) 1 redirects

ASN50881 (ESET-AS, SK)
PTR: h1-phishing-v.eset.com

phishing.eset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	eset.com 1 redirects phishing.eset.com	82 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	969 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
1	gstatic.com www.gstatic.com	216 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	80 KB
20	5

	Domain	Requested by
14	phishing.eset.com	1 redirects phishing.eset.com
3	www.google.com	phishing.eset.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	phishing.eset.com
20	5

This site contains links to these domains. Also see Links.

Domain
www.eset.com
go.eset.com

Subject Issuer	Validity	Valid
phishing.eset.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-19`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://phishing.eset.com/en-us/report
Frame ID: 23F9D3473140194A06C18AF7644CC0AB
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w&co=aHR0cHM6Ly9waGlzaGluZy5lc2V0LmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&theme=light&size=normal&cb=jf9224jp7xkt
Frame ID: E74B1838C0A669F1BA4C39999EACE009
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w
Frame ID: 8C9907B573CC61019615B4EA57C0EADF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report a phishing page - ESET

Page URL History Show full URLs

http://phishing.eset.com/ HTTP 307
https://phishing.eset.com/ HTTP 301
https://phishing.eset.com/en-us/report Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

397 kB
Transfer

970 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eset.com/
Title: ESET

Search URL Search Domain Scan URL

URL: https://go.eset.com/phish-help
Title: Learn more about phishing

Search URL Search Domain Scan URL

URL: https://www.eset.com/int/about/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.eset.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.eset.com/legal-information/
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://www.eset.com/int/cookie-policy/
Title: More info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phishing.eset.com/ HTTP 307
https://phishing.eset.com/ HTTP 301
https://phishing.eset.com/en-us/report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request report Show response
phishing.eset.com/en-us/
Redirect Chain

http://phishing.eset.com/
https://phishing.eset.com/
https://phishing.eset.com/en-us/report

20 KB
7 KB

202ms
74ms

Document
text/html

91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

0a96f7713530055ff6d24047d0a64af8937f959cd72a671df5fc1a6cbf8259d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,POST
Cache-Control: no-cache, private
Connection: keep-alive, close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Oct 2024 19:04:51 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Referrer-Policy: strict-origin
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 98
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,POST
Connection: keep-alive, close
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Oct 2024 19:04:51 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Location: https://phishing.eset.com/en-us/report
Referrer-Policy: strict-origin
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
phishing.eset.com/ 15 KB
4 KB 193ms
65ms Stylesheet
text/css 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/style.css

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

1969255f495f3e4fe2a77d27f6526a48dc8589453982927415169c3b1c52be2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

Content-Encoding: gzip
ETag: "3a14-61f78132f2714-gzip"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: sameorigin
Cache-Control: max-age=2628000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 3698
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 185ms
69ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

ESF /

Resource Hash

667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 19:04:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 24 Oct 2024 19:04:51 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK jquery.min.js Show response
phishing.eset.com/js/ 92 KB
33 KB 204ms
72ms Script
application/javascript 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/js/jquery.min.js

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

Content-Encoding: gzip
ETag: "16eac-61f78132f2714-gzip"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: sameorigin
Cache-Control: max-age=2628000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 33140
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
80 KB 201ms
73ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3G2V7X

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68de99c4a31aeb6ee6b95f3b7a3e01ee0e453faaf40b14a211a5ec2a1d87d495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 24 Oct 2024 19:04:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 19:04:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 18:15:49 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80895
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 124ms
56ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Origin: https://phishing.eset.com
Referer: https://phishing.eset.com/

Response headers

content-encoding: gzip
age: 5062
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:40:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 17:40:29 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK header_background.png
phishing.eset.com/img/ 3 KB
4 KB 200ms
67ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/header_background.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

4f9496ec138623eb5b19c113ee583f5457ab9c139beaf72f7f70229b531ec147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "b18-61f78132f2714"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 2840
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK header_logo_eset.png
phishing.eset.com/img/ 5 KB
6 KB 270ms
65ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/header_logo_eset.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

28b2f25729e071a818762b98c0382643c75edc71a85843b1ae9f1124a0572e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "138f-61f78132f2714"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 5007
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK globe.png
phishing.eset.com/img/ 3 KB
4 KB 384ms
65ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/globe.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

4675a70702851626374c276b45ecc9bca4cbac412b68c423d20d248b6a56180d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "c80-61f78132f2714"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:52 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 3200
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK arrow.png
phishing.eset.com/img/ 3 KB
4 KB 392ms
67ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/arrow.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

0a6867c983c2b1f6eb0447ee18a7980969be2b6c938488f3e1eca94f6c6a5cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "b09-61f78132f232c"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:52 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 2825
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK separator.png
phishing.eset.com/img/ 3 KB
4 KB 394ms
68ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/separator.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

626d0e38df9bbd5f17e42787fb1cb06c311511cf87f1e73df9f16dfa1d67495d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "d85-61f78132f2714"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:52 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 3461
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK box-gray.png
phishing.eset.com/img/ 197 B
1008 B 192ms
67ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/box-gray.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

b6445ca1d538b9207b94351791bdf991dd6ed34a9eaa5af1fb604ef59f6cf646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "c5-61f78132f232c"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 197
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK btn_blue2_left.png
phishing.eset.com/img/ 3 KB
4 KB 185ms
64ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_left.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

082a26c7088c5a3fa9b8004c8d1ffb788ed86570cd2d7534c0481823780947ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "b84-61f78132f232c"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 2948
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK btn_blue2_right.png
phishing.eset.com/img/ 3 KB
4 KB 186ms
65ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_right.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

e4b8726214c982914da69d772b40abe7fb3feba41639ca9f6afc1584a4101632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "b8e-61f78132f232c"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 2958
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK btn_blue2_mid.png
phishing.eset.com/img/ 3 KB
4 KB 185ms
64ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_mid.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

8f7831bbdee1467eb657271914960132bb1892497f482af3992045c04a0948e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "b25-61f78132f232c"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:51 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/png
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 2853
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3G2V7X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

content-encoding: gzip
age: 5917
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 19:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 17:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame E74B 0
0 195ms
84ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w&co=aHR0cHM6Ly9waGlzaGluZy5lc2V0LmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&theme=light&size=normal&cb=jf9224jp7xkt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FQHKDPbvviTJiW8mkL0EeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.eset.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FQHKDPbvviTJiW8mkL0EeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 19:04:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
422 B 64ms
63ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59982264&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.eset.com%2Fen-us%2Freport&ul=se-se&de=UTF-8&dt=Report%20a%20phishing%20page%20-%20ESET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=445507754&gjid=926090844&cid=409480503.1729796692&tid=UA-160836-77&_gid=1073997119.1729796692&_r=1&_slc=1&gtm=45He4al0n81K3G2V7Xza200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101794737~101823847&z=937557583

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://phishing.eset.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 19:04:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://phishing.eset.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H/1.1 200
OK favicon.ico
phishing.eset.com/ 1 KB
2 KB 197ms
69ms Other
image/vnd.microsoft.icon 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://phishing.eset.com/

Response headers

ETag: "57e-61f78132f1f44"
Access-Control-Allow-Methods: GET,HEAD,POST
X-Content-Type-Options: nosniff
Date: Thu, 24 Oct 2024 19:04:52 GMT
Last-Modified: Mon, 12 Aug 2024 08:13:58 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Content-Type: image/vnd.microsoft.icon
X-Frame-Options: sameorigin
Cache-Control: max-age=31536000, public
Connection: keep-alive, close
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin
Accept-Ranges: bytes
Content-Length: 1406
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 8C99 0
0 72ms
71ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MPXMQB_jRP1BIEg6HTG3QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.eset.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MPXMQB_jRP1BIEg6HTG3QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 19:04:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phishing.eset.com/	1970-01-21 00:30:03	Name: XSRF-TOKEN Value: eyJpdiI6IjErYzZYVzVMKy9RMnVzd1lNS21wbHc9PSIsInZhbHVlIjoiN3loeEN1T0xtNGhkVjE5VFdNdUhvekY0dFVxUzNaL3pweDlWaFFPWFVacmZqVHg5QzQ5UFpzSzlpdFpsdUR4WGRacklwNHlSZUZHMlBwZ3FEV1NZdld4RnJnOFI4M3h6cFJNRlhUdkVtUEJBc0xqL1pIcmpqejIrenBTMDFreEUiLCJtYWMiOiJkMGNkMTA2NGNiYTQxZDgxMTY4ZmE2YmI4MjQ1Y2ZlZWY0MjhlOWU5ZmYyYzlkOTliYzg5MWY4OGNlYzc5OTI0IiwidGFnIjoiIn0%3D
phishing.eset.com/	1970-01-21 00:30:03	Name: laravel_session Value: eyJpdiI6ImpPT2R5emlFRXRRN1pOc2hZMkloK1E9PSIsInZhbHVlIjoiVis1Ym5wVGNVT3FuaFgyQUtMNDRLNU14VE9qWU45T2UzZWY1M3FEc1U2MFJkalFhZytGTTc4VlpGTmFFL0Z4ajBQaUwzZ1VtMzBGdHhKOTNieHNROFZiaG9jNVNvRnFrYllwVnpqeGxpY1l2NDlPRjhYSU5YYWxZR2UreTJ0cGMiLCJtYWMiOiJiMTQxN2Y1MDBmNjkyNTk5ZmVjNjNjZWYxYjcyNTVkMjZlOTMzMjczYzc4YWVjMDU1NDU2ZWFjZTlhODhhZWIxIiwidGFnIjoiIn0%3D
phishing.eset.com/	1970-01-21 00:30:03	Name: Zr411DdBmOGMSz99Pv8IzrxOUapUWQRHtd4eS0ig Value: eyJpdiI6Ikx4N3IvelZlOW5jeURwMExxK25nc1E9PSIsInZhbHVlIjoiN0hCNFl5d2l2aHIrb3duV2c2VWVIV0FmMFA0aGQ4VFppWlVrZEU1UUpMSXV6VHNZcExZU1BlbFpkeE5RL2lNdWVCV3NNN2NTSS9BZ29oTG54Wm1MVEs4clNWVWJSWjJTUS8ycGdNcXRDUEZjMVZUMzZRQ1VRaGhRMVNpQzNWS0M0Rmxpc3owNVorMzRJYUFsNDlVV04zbDN1RWdMODcxLy9DK1ViV1c0dXlhUEFOUWRySXh3cHVBTkUrd1R1RVhRZmlDUWJLUkRBM3MzelovY0xUcWc5WWZlejJMeEttVFRORDVMR3c5OU1lNHdMNGpmbjFESnlnVE1RaWszMUttT2tPWnhBOWFFWHpPUTZYT3d6cnFUK1BPNTZwV3BDbEhYVVJhRW1RdXNGR1gvKzNQQ3ZyR2ZKbHNsWTQ2eVhBWFBBRVgrc04vNUpzMXl1LzVhOXFrWTJQMTQ4d2tYOVR4SlQ2WGFZMEF1UUhlMFZJcFlOU0ZHVURpRlI3TEVDZm1aYlFreXdqdGM5K0pXOFlON1RBdnBwaldudzJhK3F6L3NiU1plMmxScmxYeFlYd0g1WVpSb0xiS3o5R0JRY1VSUC9TWDUrNlBtc3JRSEg0czVkSS9QQ1FGbTFhNUpkbHFpa2VYd01ZV25aRkM2ZEJtTGRXd05xSTZhcGNudFM1UVF3Y0orYmpXbXdOdDNTVkdDdmdYTkREaXkzNkczKy80bkpjNy9yU3o2Qm94WnlGbW45aXQyREZYdDdvNG1hdlB0WnZCdnpwd2UwU2NwY2JhUU4yZFNJR2hPVHljejZDcmtpTmVvLzh1TlM4eU5GdWNjWjhxQzFrQVkyZXZoNkxoWm1sbXdIb1pvZHBGWlBUWEtqMjk5VDB5b2owUVpIRmJjQ05IcFNkWWZUb3N3ZzhEaUF0elJHUVR0MThzUUVHYlg0KzhVNlBjNmpvUzZaVW1tdnFmYkFWNEdkd3RHMFU3VGFHZWhZZUdHV0NkR0k4SjBiVTI1cTd1U1UwaHcyenkzZ3V0cnBjUzNPMlk3aTlIWUtzQ2x1blloY2NwUUVBa0FBcExrUVhzbDVLZzdTQU5GcEkzUS9JaFkwWUhHLzhLYiIsIm1hYyI6IjAzZjJhMmY3YWU2NTU2Nzc3NjExMGUwYWU0MmQxOTJlM2E3NjU0Y2VkMWUyMDYyZmNlNTI2NDk3ZmFlYzI1ZDkiLCJ0YWciOiIifQ%3D%3D
.eset.com/	1970-01-21 10:05:56	Name: _ga Value: GA1.2.409480503.1729796692
.eset.com/	1970-01-21 00:31:23	Name: _gid Value: GA1.2.1073997119.1729796692
.eset.com/	1970-01-21 00:29:56	Name: _gat_UA-160836-77 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

phishing.eset.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
172.217.18.4
216.58.206.35
2a00:1450:4001:813::2008
2a00:1450:4001:828::200e
91.228.165.98
082a26c7088c5a3fa9b8004c8d1ffb788ed86570cd2d7534c0481823780947ce
0a6867c983c2b1f6eb0447ee18a7980969be2b6c938488f3e1eca94f6c6a5cb5
0a96f7713530055ff6d24047d0a64af8937f959cd72a671df5fc1a6cbf8259d7
13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8
1969255f495f3e4fe2a77d27f6526a48dc8589453982927415169c3b1c52be2c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28b2f25729e071a818762b98c0382643c75edc71a85843b1ae9f1124a0572e89
4675a70702851626374c276b45ecc9bca4cbac412b68c423d20d248b6a56180d
4f9496ec138623eb5b19c113ee583f5457ab9c139beaf72f7f70229b531ec147
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
626d0e38df9bbd5f17e42787fb1cb06c311511cf87f1e73df9f16dfa1d67495d
667c83b6a02c499e26b4b94d89295391f7eb3cac903554b02ec343d9a89f2ba4
68de99c4a31aeb6ee6b95f3b7a3e01ee0e453faaf40b14a211a5ec2a1d87d495
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8f7831bbdee1467eb657271914960132bb1892497f482af3992045c04a0948e0
b6445ca1d538b9207b94351791bdf991dd6ed34a9eaa5af1fb604ef59f6cf646
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4b8726214c982914da69d772b40abe7fb3feba41639ca9f6afc1584a4101632

phishing.eset.com Open in urlscan Pro 91.228.165.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

397 kBTransfer

970 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

6 Cookies

3 Console Messages

Security Headers

Indicators

phishing.eset.com Open in urlscan Pro
91.228.165.98 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

397 kB
Transfer

970 kB
Size

6
Cookies

20 HTTP transactions
0 data transactions