Henning Klevjer, a student at the University of Oslo in Norway, has described a method of encoding pages entirely within a URI. His paper (PDF) is available online. Does Is there any chance that ESET NOD32 provides any protection against this attack? I'm guessing it doesn't due to the fact that the page being rendered is from data mostly in the URI so no HTTP filtering is done, and I don't believe that ESET NOD32 has any insight into what the browser is rendering. If the page was pulling in data from known malware sites, then I could see that part of the thread mitigtated.