phishing.eset.com Open in urlscan Pro
91.228.165.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phishing.eset.com/
Effective URL:
https://phishing.eset.com/en-us/report
Submission: On April 22 via api (April 22nd 2024, 11:57:29 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 91.228.165.98, located in Slovakia and belongs to ESET-AS, SK. The main domain is phishing.eset.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 20th 2023. Valid for: a year.

This is the only time phishing.eset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	91.228.165.98 91.228.165.98	50881 (ESET-AS) (ESET-AS)
3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
20	5

14 91.228.165.98 (Slovakia) 1 redirects

ASN50881 (ESET-AS, SK)
PTR: h1-phishing-v.eset.com

phishing.eset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	eset.com 1 redirects phishing.eset.com	82 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	856 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
1	gstatic.com www.gstatic.com	199 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	58 KB
20	5

	Domain	Requested by
14	phishing.eset.com	1 redirects phishing.eset.com
3	www.google.com	phishing.eset.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	phishing.eset.com
20	5

This site contains links to these domains. Also see Links.

Domain
www.eset.com
go.eset.com

Subject Issuer	Validity	Valid
phishing.eset.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://phishing.eset.com/en-us/report
Frame ID: 4FDC9B863697EA06435F4E6DDC95D64F
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w&co=aHR0cHM6Ly9waGlzaGluZy5lc2V0LmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=normal&cb=8x5eq3serydf
Frame ID: 52116DB7F39107994E30852F7563C65A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w
Frame ID: 2AB6E6753C442FA9C4FCC9E8943F014D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report a phishing page - ESET

Page URL History Show full URLs

http://phishing.eset.com/ HTTP 307
https://phishing.eset.com/ HTTP 301
https://phishing.eset.com/en-us/report Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

358 kB
Transfer

856 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eset.com/
Title: ESET

Search URL Search Domain Scan URL

URL: https://go.eset.com/phish-help
Title: Learn more about phishing

Search URL Search Domain Scan URL

URL: https://www.eset.com/int/about/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.eset.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.eset.com/legal-information/
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://www.eset.com/int/cookie-policy/
Title: More info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phishing.eset.com/ HTTP 307
https://phishing.eset.com/ HTTP 301
https://phishing.eset.com/en-us/report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request report Show response
phishing.eset.com/en-us/
Redirect Chain

http://phishing.eset.com/
https://phishing.eset.com/
https://phishing.eset.com/en-us/report

20 KB
7 KB

116ms
45ms

Document
text/html

91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

110d943d20241f78220ff6f7e662d0629e6201acf8c5a4842b4484fe2ea2f691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,POST
Cache-Control: no-cache, private
Connection: keep-alive, close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Apr 2024 11:57:24 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Referrer-Policy: strict-origin
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 98
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,POST
Connection: keep-alive, close
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Apr 2024 11:57:24 GMT
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Location: https://phishing.eset.com/en-us/report
Referrer-Policy: strict-origin
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 99
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
phishing.eset.com/ 15 KB
4 KB 105ms
35ms Stylesheet
text/css 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/style.css

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

1969255f495f3e4fe2a77d27f6526a48dc8589453982927415169c3b1c52be2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 3698
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "3a14-609ca04bc5596-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: text/css
X-Frame-Options: sameorigin
Cache-Control: max-age=2628000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
856 B 84ms
34ms Script
text/javascript 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

a58ff2de4d6a14e055a553e83a4e67aea6aaf589a57364305eec36105cce9ef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 11:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 22 Apr 2024 11:57:24 GMT

GET
H/1.1 200
OK jquery.min.js Show response
phishing.eset.com/js/ 92 KB
33 KB 113ms
41ms Script
application/javascript 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/js/jquery.min.js

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 33140
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "16eac-609ca04bc5596-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: application/javascript
X-Frame-Options: sameorigin
Cache-Control: max-age=2628000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
58 KB 90ms
37ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3G2V7X

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/en-us/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f16121b04a890c7da687447c0dec5be89073126a368040f8f845ccb979698bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 11:57:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58731
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Apr 2024 11:57:24 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 499 KB
199 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Origin: https://phishing.eset.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 11:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203369
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Apr 2025 11:39:00 GMT

GET
H/1.1 200
OK header_background.png
phishing.eset.com/img/ 3 KB
4 KB 105ms
35ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/header_background.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

4f9496ec138623eb5b19c113ee583f5457ab9c139beaf72f7f70229b531ec147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 2840
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "b18-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK header_logo_eset.png
phishing.eset.com/img/ 5 KB
6 KB 148ms
36ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/header_logo_eset.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

28b2f25729e071a818762b98c0382643c75edc71a85843b1ae9f1124a0572e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 5007
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "138f-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK globe.png
phishing.eset.com/img/ 3 KB
4 KB 210ms
36ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/globe.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

4675a70702851626374c276b45ecc9bca4cbac412b68c423d20d248b6a56180d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 3200
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "c80-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK arrow.png
phishing.eset.com/img/ 3 KB
4 KB 209ms
35ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/arrow.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

0a6867c983c2b1f6eb0447ee18a7980969be2b6c938488f3e1eca94f6c6a5cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 2825
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "b09-609ca04bc45f6"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK separator.png
phishing.eset.com/img/ 3 KB
4 KB 213ms
37ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/separator.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

626d0e38df9bbd5f17e42787fb1cb06c311511cf87f1e73df9f16dfa1d67495d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 3461
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "d85-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK box-gray.png
phishing.eset.com/img/ 197 B
1008 B 98ms
35ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/box-gray.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

b6445ca1d538b9207b94351791bdf991dd6ed34a9eaa5af1fb604ef59f6cf646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 197
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "c5-609ca04bc45f6"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK btn_blue2_left.png
phishing.eset.com/img/ 3 KB
4 KB 97ms
34ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_left.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

082a26c7088c5a3fa9b8004c8d1ffb788ed86570cd2d7534c0481823780947ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 2948
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "b84-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK btn_blue2_right.png
phishing.eset.com/img/ 3 KB
4 KB 101ms
37ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_right.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

e4b8726214c982914da69d772b40abe7fb3feba41639ca9f6afc1584a4101632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 2958
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "b8e-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK btn_blue2_mid.png
phishing.eset.com/img/ 3 KB
4 KB 100ms
35ms Image
image/png 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.eset.com/img/btn_blue2_mid.png

Requested by

Host: phishing.eset.com
URL: https://phishing.eset.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

8f7831bbdee1467eb657271914960132bb1892497f482af3992045c04a0948e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 2853
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "b25-609ca04bc5596"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/png
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3G2V7X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Apr 2024 11:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 556
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Apr 2024 13:48:08 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 5211 0
0 93ms
50ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w&co=aHR0cHM6Ly9waGlzaGluZy5lc2V0LmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=normal&cb=8x5eq3serydf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wg24MiA9NXXsOqs9K2DNMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://phishing.eset.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wg24MiA9NXXsOqs9K2DNMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Apr 2024 11:57:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 31ms
30ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=62896363&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.eset.com%2Fen-us%2Freport&ul=de-de&de=UTF-8&dt=Report%20a%20phishing%20page%20-%20ESET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1116790757&gjid=1057993212&cid=1225460762.1713787045&tid=UA-160836-77&_gid=1073626038.1713787045&_r=1&_slc=1&gtm=45He44h0n81K3G2V7Xza200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=982302109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 11:57:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://phishing.eset.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.ico
phishing.eset.com/ 1 KB
2 KB 103ms
35ms Other
image/vnd.microsoft.icon 91.228.165.98
ESET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.eset.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.228.165.98 , Slovakia, ASN50881 (ESET-AS, SK),

Reverse DNS

h1-phishing-v.eset.com

Software

Apache /

Resource Hash

13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://phishing.eset.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 11:57:25 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive, close
Content-Length: 1406
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 10 Nov 2023 10:45:27 GMT
Server: Apache
ETag: "57e-609ca04bc45f6"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: GET,HEAD,POST
Content-Type: image/vnd.microsoft.icon
Cache-Control: max-age=31536000, public
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 2AB6 0
0 36ms
35ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LdtrRATAAAAAOuntFS_3Q5gLagSDK-yrUo4yg6w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x1uJBnXdPpEkqncJ7bEwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://phishing.eset.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-x1uJBnXdPpEkqncJ7bEwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Apr 2024 11:57:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phishing.eset.com/	1970-01-20 20:03:14	Name: XSRF-TOKEN Value: eyJpdiI6IkxQM25KOUR0ZGxSYWd4RzBKMCtiZVE9PSIsInZhbHVlIjoiaU5OQ3BpYWVMRnhzd0hYZ2pOaUxKbTMyRGdIL050eGNkWXNsWlJuYitFakM4aEp3UTlBT1RuaDVGdlpBR2hXM1U4UXJrc3orV2VTUDNLN1RZQ0YzTW51OUNzakRHMklReXlpcG5BRFMxb2lVOHVCc3BlNUd3YUxCaWd0SCtmQVAiLCJtYWMiOiIxNzkzNjE2MGRjZjRmMTY2MDFjMmEwOWI4OTJlODg4NmQ1NGEwMjNhOWQ3MzFkOGE2MDUzN2Y0MjcwMmE3MGZhIiwidGFnIjoiIn0%3D
phishing.eset.com/	1970-01-20 20:03:14	Name: laravel_session Value: eyJpdiI6IkROODNDQ1lTcnF0WVA0WjRISXczcFE9PSIsInZhbHVlIjoiMmlkUXBEamlqZjFJUGRRSkduNTVjUVBIWFBBWWxxNy91WmI1YVhvbjVOTDdhVzRWRnJNSTBiR1JHR3dnZjdVUWoxYlFJd3M0RUw1OTZqUW1mQ0R0RWxTdjJiZi9PaEgrSEFMVEl5REE2TmhnSkxLc1NwTnA1Zy8zNmphSlh6MDUiLCJtYWMiOiIyZjkwNzY1OGM1MzY2ZGU4ZGQxNmFmZDAyZDQ2NTFjNGY1ZmQzZjczMzdmOTBiZDYyNTg3YmI3MWJmOGY1Yjc2IiwidGFnIjoiIn0%3D
phishing.eset.com/	1970-01-20 20:03:14	Name: kGYUBrWXDsuWNQNIjWq4sWIdPApT1wYUFSDR2QUL Value: eyJpdiI6IlYvVERNeVZLYjdrdTNScWo0S012SXc9PSIsInZhbHVlIjoiaTdDbEUxUlA3M2E2M3ZqYW1DcXgxUXZwdk1ZZ00rSisxZS9kdlJEWHJUZHRTaTEzRThKRXY2WjFRRXl4Qi9Ea3lReThuQm9WaWhXTDYvRkZwQ1Q3M211NXVSM2pQRkpRaGVjRFNqUEUrR3RtREE5cGhTZGFQZ24xcXhWR1A5bTRWM2ZXRGM1TEU2MXN0UTBDTzhIWmowbm9xY1g1b29iclFaNkFNMWxMZVFlMFIxR21OaUdGU1NuTjNKU3ZHM3JtNjkzMkJUMkZjTDYzSm1wRjNodmtBS1JNZjZ0N1UvM3NmRWxuZUNKWWIvVjdpY005WmJqTE9HaWUzSlErN2hlbURHNFROdXBOeXZoVkJVNllyOVkzTHRtUnc0dnlkeVl0ZXg0M1hHYWdMRlYwUGRDbWJRdWl6TTQvbzkwNGlwWUQybzFLN0ovZFFRaUlTYkxyMGNSWmZtS29vVHdhSkp6Z0VwZDFuRFVwZWlhOXdkTU1IVUhiQWIvZ0VXb1VNYlNkTFZvN1V5MmN3MHE3ZDlkZS9XUnJ3UXpBa01iMFdaNkNSdjIxMDExRkJOTEh1SGc5Rk05a2lxZWdjSjlDMU1wYTBJRERBR3VITWw2eEQ4OTZFazBkLzdFNDE4VE94ckkzL1lVZThGOHVKbUV3Q2w2bWR4cUZZTW1aYkNPZXJSbjZCOC84Rk1lLzhZNWRENzJwSUx6UFdwUVRQMFRxaUtQdEhuQWkxMGN6ak1sU3pMcGU3OWh1TTRUK0QyUDBwc2JpdkVac01FV2pLd1I2eUNKaUZGS3h0QkRUVmQ5aEtyQUNPUkpraW9BdDl6QzB0TWVWSjUzZWlWV3BYdnVDeGxUWSsrejZLczJ3MWJUMW1YNG11dEp2SXhSb0U5TW1Mak04MlpDcm9PWXB2K2t3MVd3MEl3T2F2VDlLT3BuUkVEUzRJZUpHVjN4LzJZYWhpMVUwdTZQZ2VVdTVmVXBWOGVEK2VYU1U2bmoxRklsZFZ0aGRrWmNqNlVPcE9SUU9TNHByMjJWMkt6MFNkZ3BWUXBLVENNSkhzL3ozQXNQNEJLSnJUWGxkZ0Z2YWVkdThzZHVaeTNvQWM2ekxHL25ZTjVJciIsIm1hYyI6IjBjMmQ1ZTE2NjI5NTZkMGVjNGU5ZTkxNzhmMzg4NjI3MTFiOTIyODBjZDlhYTYzZDgwNGUxYjEzZjk4MzgwOTMiLCJ0YWciOiIifQ%3D%3D
.eset.com/	1970-01-21 05:39:07	Name: _ga Value: GA1.2.1225460762.1713787045
.eset.com/	1970-01-20 20:04:33	Name: _gid Value: GA1.2.1073626038.1713787045
.eset.com/	1970-01-20 20:03:07	Name: _gat_UA-160836-77 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

phishing.eset.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.185.196
2a00:1450:4001:803::200e
2a00:1450:4001:811::2003
2a00:1450:4001:81d::2008
91.228.165.98
082a26c7088c5a3fa9b8004c8d1ffb788ed86570cd2d7534c0481823780947ce
0a6867c983c2b1f6eb0447ee18a7980969be2b6c938488f3e1eca94f6c6a5cb5
110d943d20241f78220ff6f7e662d0629e6201acf8c5a4842b4484fe2ea2f691
13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8
1969255f495f3e4fe2a77d27f6526a48dc8589453982927415169c3b1c52be2c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28b2f25729e071a818762b98c0382643c75edc71a85843b1ae9f1124a0572e89
4675a70702851626374c276b45ecc9bca4cbac412b68c423d20d248b6a56180d
4f9496ec138623eb5b19c113ee583f5457ab9c139beaf72f7f70229b531ec147
626d0e38df9bbd5f17e42787fb1cb06c311511cf87f1e73df9f16dfa1d67495d
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
8f7831bbdee1467eb657271914960132bb1892497f482af3992045c04a0948e0
a58ff2de4d6a14e055a553e83a4e67aea6aaf589a57364305eec36105cce9ef3
b6445ca1d538b9207b94351791bdf991dd6ed34a9eaa5af1fb604ef59f6cf646
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4b8726214c982914da69d772b40abe7fb3feba41639ca9f6afc1584a4101632
f16121b04a890c7da687447c0dec5be89073126a368040f8f845ccb979698bbe

phishing.eset.com Open in urlscan Pro 91.228.165.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

358 kBTransfer

856 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

6 Cookies

3 Console Messages

Security Headers

Indicators

phishing.eset.com Open in urlscan Pro
91.228.165.98 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

358 kB
Transfer

856 kB
Size

6
Cookies

20 HTTP transactions
0 data transactions