companyregistrationkolkata.net
97.74.86.180  Malicious Activity! Public Scan

Submitted URL:
http://companyregistrationkolkata.net/live 8yr old
Effective URL:
https://companyregistrationkolkata.net/live 8yr old
Submission: On July 31 via manual (July 31st 2025, 2:48:20 am UTC) from IN — Scanned from AU

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 97.74.86.180, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is companyregistrationkolkata.net. 8yr old
TLS certificate: Issued by E5 on July 8th 2025. Valid for: 3mo.
This is the only time companyregistrationkolkata.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bendigo Bank (Banking)

Domain & IP information

Requests  IP Address              AS Autonomous System
3         97.74.86.180            26496 (AS-26496-GO-DADDY-COM-LLC)
1         173.194.174.104         15169 (GOOGLE)
3         2404:6800:4008:c06::5e  15169 (GOOGLE)
1         173.194.174.106         15169 (GOOGLE)
Total: 8 requests, 4 IPs

Requests  Apex Domain                     Subdomains                                          Transfer
3         gstatic.com                     www.gstatic.com (10yr old)                          711 KB
3         companyregistrationkolkata.net  companyregistrationkolkata.net (8yr old)            15 KB
2         google.com                      www.google.com (Cisco Umbrella Rank: 5, 13yr old)   43 KB
Total: 8 requests, 3 domains

Requests  Domain                          Requested by
3         www.gstatic.com                 www.google.com
3         companyregistrationkolkata.net  companyregistrationkolkata.net
2         www.google.com                  companyregistrationkolkata.net, www.gstatic.com
Total: 8 requests, 3 domains

This site contains no links.

Subject                           Issuer  Validity                 Valid
*.companyregistrationkolkata.net  E5      2025-07-08 - 2025-10-06  3mo
*.google.com                      WE2     2025-07-07 - 2025-09-29  3mo
*.gstatic.com                     WE2     2025-07-07 - 2025-09-29  3mo

This page contains 2 frames:

Primary Page: https://companyregistrationkolkata.net/live
Frame ID: B285C0A80A8B6545DA8624DB9AB1CD9F
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao&co=aHR0cHM6Ly9jb21wYW55cmVnaXN0cmF0aW9ua29sa2F0YS5uZXQ6NDQz&hl=en&v=DBIsSQ0s2djD_akThoRUDeHa&size=invisible&anchor-ms=20000&execute-ms=15000&cb=tudvh5er1qtw
Frame ID: 31829E867735DD594B7D8EBBC56D2703
Requests: 3 HTTP requests in this frame

Page Title

Le Fromage Francais

Detected technologies

(Web frameworks)
Overall confidence: 100%
Detected patterns

(Security)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

8 Requests
100 % HTTPS
25 % IPv6
3 Domains
3 Subdomains
4 IPs
3 Countries
768 kB Transfer
1729 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://companyregistrationkolkata.net/live HTTP 307
    https://companyregistrationkolkata.net/live Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Columns: Method / Protocol, Status, Resource / Path, Size / x-fer, Time / Latency, Type / MIME-Type, IP / Location

Method: GET
Protocol: H/1.1
Status: 200 OK
Resource: live (Primary Request)
Path: companyregistrationkolkata.net/
Redirect Chain:
  • http://companyregistrationkolkata.net/live
  • https://companyregistrationkolkata.net/live
Size: 8 KB
x-fer: 9 KB
Time: 2110ms
Latency: 1244ms
Type: Document
MIME-Type: text/html
IP / Location: 97.74.86.180, AS-26496-GO-DADDY...
General
Full URL
https://companyregistrationkolkata.net/live
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
97.74.86.180 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
180.86.74.97.host.secureserver.net
Software
Apache /
Resource Hash
3ff57e276e43a7f090738181684336b1921c8b1ba677163619908e3107211399

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Jul 2025 02:48:22 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Location
https://companyregistrationkolkata.net/live
Non-Authoritative-Reason
HttpsUpgrades
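
Method: GET
Protocol: H/1.1
Status: 200 OK
Resource: bbg.webp
Path: companyregistrationkolkata.net/assets/
Size: 5 KB
x-fer: 6 KB
Time: 144ms
Latency: 142ms
Type: Image
MIME-Type: image/webp
IP / Location: 97.74.86.180, AS-26496-GO-DADDY...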
General
Full URL
https://companyregistrationkolkata.net/assets/bbg.webp
Requested by
Host: companyregistrationkolkata.net
URL: https://companyregistrationkolkata.net/live
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
97.74.86.180 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
180.86.74.97.host.secureserver.net
Software
Apache /
Resource Hash
a5b235d1e7eaf3a56a24aabf87f37686bdd1d3e6d1812ffc64c038cc138babcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://companyregistrationkolkata.net/live

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5436
Keep-Alive
timeout=5, max=99
Date
Thu, 31 Jul 2025 02:48:22 GMT
Last-Modified
Tue, 22 Jul 2025 23:16:21 GMT
Content-Type
image/webp
Server
Apache

Method: GET
Protocol: H3
Status: 200
Resource: api.js
Path: www.google.com/recaptcha/
Size: 2 KB
x-fer: 1 KB
Time: 373ms
Latency: 189ms
Type: Script
MIME-Type: text/javascript
IP / Location: 173.194.174.104, GOOGLE
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao
Requested by
Host: companyregistrationkolkata.net
URL: https://companyregistrationkolkata.net/live
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f104.1e100.net
Software
ESF /
Resource Hash
34c0bddf9645655fca745efc6c251fab7c8eb74021c6d787c10953e470be86e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://companyregistrationkolkata.net/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 31 Jul 2025 02:48:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 31 Jul 2025 02:48:22 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN

Method: GET
Protocol: H2
Status: 200
Resource: recaptcha__en.js
Path: www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/
Size: 782 KB
x-fer: 335 KB
Time: 659ms
Latency: 220ms
Type: Script
MIME-Type: text/javascript
IP / Location: 2404:6800:4008:c06::5e, GOOGLE
General
Full URL
https://www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c06::5e , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e26f447433f06b68f0e4bb3eb75020a33b3ef92fa4de64a02854f10d64826e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://companyregistrationkolkata.net
Referer
https://companyregistrationkolkata.net/

Response headers

content-encoding
gzip
age
24300
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Thu, 30 Jul 2026 20:03:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Jul 2025 20:03:23 GMT
last-modified
Sun, 27 Jul 2025 22:01:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
341909
x-xss-protection
0
server
sffe

Method: GET
Protocol: H3
Status: 200
Resource: anchor
Path: www.google.com/recaptcha/api2/ (Frame 3182)
Size: 73 KB
x-fer: 42 KB
Time: 380ms
Latency: 198ms
Type: Document
MIME-Type: text/html
IP / Location: 173.194.174.106, GOOGLE
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao&co=aHR0cHM6Ly9jb21wYW55cmVnaXN0cmF0aW9ua29sa2F0YS5uZXQ6NDQz&hl=en&v=DBIsSQ0s2djD_akThoRUDeHa&size=invisible&anchor-ms=20000&execute-ms=15000&cb=tudvh5er1qtw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f106.1e100.net
Software
ESF /
Resource Hash
128ada67e047d64e98a63350b59b244d842741182c24e8a2eca916014482fdf2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MYFobgmz9d2RBsDTKIVBvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://companyregistrationkolkata.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MYFobgmz9d2RBsDTKIVBvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Jul 2025 02:48:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
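
Method: GET
Protocol: H2
Status: 200
Resource: styles__ltr.css
Path: www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/ (Frame 3182)
Size: 78 KB
x-fer: 42 KB
Time: 649ms
Latency: 217ms
Type: Stylesheet
MIME-Type: text/css
IP / Location: 2404:6800:4008:c06::5e, GOOGLE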
General
Full URL
https://www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao&co=aHR0cHM6Ly9jb21wYW55cmVnaXN0cmF0aW9ua29sa2F0YS5uZXQ6NDQz&hl=en&v=DBIsSQ0s2djD_akThoRUDeHa&size=invisible&anchor-ms=20000&execute-ms=15000&cb=tudvh5er1qtw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c06::5e , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb602c9090441aa43cb41546b4d373ecb520d6303558ce462841b4f0b55d3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
59827
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Thu, 30 Jul 2026 10:11:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Jul 2025 10:11:18 GMT
last-modified
Sun, 27 Jul 2025 22:01:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
42122
x-xss-protection
0
server
sffe

Method: GET
Protocol: H2
Status: 200
Resource: recaptcha__en.js
Path: www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/ (Frame 3182)
Size: 782 KB
x-fer: 334 KB
Time: 952ms
Latency: 521ms
Type: Script
MIME-Type: text/javascript
IP / Location: 2404:6800:4008:c06::5e, GOOGLE
General
Full URL
https://www.gstatic.com/recaptcha/releases/DBIsSQ0s2djD_akThoRUDeHa/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdV_5ArAAAAANMWYPGPKOdl_X3xUJxz8XrGjTao&co=aHR0cHM6Ly9jb21wYW55cmVnaXN0cmF0aW9ua29sa2F0YS5uZXQ6NDQz&hl=en&v=DBIsSQ0s2djD_akThoRUDeHa&size=invisible&anchor-ms=20000&execute-ms=15000&cb=tudvh5er1qtw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c06::5e , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e26f447433f06b68f0e4bb3eb75020a33b3ef92fa4de64a02854f10d64826e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
24302
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Thu, 30 Jul 2026 20:03:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Jul 2025 20:03:23 GMT
last-modified
Sun, 27 Jul 2025 22:01:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
341909
x-xss-protection
0
server
sffe
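
Method: GET
Protocol: H/1.1
Status: 200 OK
Resource: favicon.ico
Path: companyregistrationkolkata.net/
Size: 0
x-fer: 242 B
Time: 141ms
Latency: 141ms
Type: Other
MIME-Type: image/x-icon
IP / Location: 97.74.86.180, AS-26496-GO-DADDY...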
General
Full URL
https://companyregistrationkolkata.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
97.74.86.180 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
180.86.74.97.host.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://companyregistrationkolkata.net/live

Response headers

Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
0
Keep-Alive
timeout=5, max=98
Date
Thu, 31 Jul 2025 02:48:26 GMT
Last-Modified
Tue, 13 Feb 2024 02:23:34 GMT
Content-Type
image/x-icon
Server
Apache

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bendigo Bank (Banking)

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| toggleNextState
object| recaptcha
object| closure_lm_943238

2 Cookies

Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.

Domain/Path: companyregistrationkolkata.net/
Expires: 1970-01-21 07:12:17
Name: XSRF-TOKEN
Value: eyJpdiI6ImdjK0ZBZFlLdWQ4dEtHbTB5WitNU0E9PSIsInZhbHVlIjoiTnQ2bWkxL1VhYi9DQmRreWxXK2xWaFhRa0hVUEtPSDZIRzMvU29EZUhBaWpFeE9LR0hyMkROZlB2cWN0Tkp2ZlY2Y21KQzZ3OXg0cDFkU2c1SEN0bWwyU1FOL0hKVHoxeU4yNis5QU5kMm1yVGJyY1lTbDZzK05FNE5abnZYbXciLCJtYWMiOiIyMDNlNmM5ZjJmNTMxNDMwNjc0MDgxYzQ1OTgzNTRhZjZjZjAwOTI3YjQyMTJhNTA0NDY4NDYwMmIzMjA0MDZmIiwidGFnIjoiIn0%3D

Domain/Path: companyregistrationkolkata.net/
Expires: 1970-01-21 07:12:17
Name: laravel_session
Value: eyJpdiI6IjNRdlZSSnNFbTBrOWl5cGcvSC9SSkE9PSIsInZhbHVlIjoialc1MjUwQUxBTnBVYjdXM3doZGVKOWdnMkJISFRTdXJOcmZXWjZVNmNheVAzeE5TRGNocWVEYUlXajR0UFZkRnVPSHpJTDgya0hvYTkyNCtxc2hZODh2OC9taExzSTh5ajhWY3diVmg1RU1EQlliSjNkM0hEUG1MSGlLS1R1VDYiLCJtYWMiOiIyMTUzY2UxYmE5YjA2M2ZkZmNiMzI5YjBlOTYyMWZmNjA0NjA5OGI2NzQ0ZGQ5NjQ2M2I4M2Q0NTAzZWQ1NWQwIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source: recommendation
Level: verbose
URL: https://companyregistrationkolkata.net/live
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o