firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v44ZSs4dD2JW0JxF-TZ_e-PbgMOwCB5bWso-NP1b_FEXOZfTjfwfrw==
Age: 3306
xooom-home.in/
200 OK 8.5 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9959)
Hash e78790a0216133dc3de1d51f312f5071
5827b0f5f977ab34dabc837612c306addc348ac4
31ce0c2ca3a955d55a7c804ef5c8656177b4ff54d45c134fc35a38c4624c1375
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET / HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Sun, 18 Sep 2022 05:31:31 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQeefRej3ngS2lVD6JXP9EYxHwp%2B%2F373whvQxTr8T%2BZdlTCTkDqvmQDQeaxi7rXyJHLSgthbe20eYkOSOVAkUH94RzMSPO1hOo3DpijUWI6%2F9OzkYIFY8lOUxnEVrukO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e2016f1fdbb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10362
Expires: Wed, 21 Sep 2022 13:02:11 GMT
Date: Wed, 21 Sep 2022 10:09:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7HMj0pCXH9hFDbH7MieisiVTdH51AirNxVtRUMFauo5lQDHzWZq2Mw==
age: 20056
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:09:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.1.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.1.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 2c8fb5f779970f005faea6e0f60c7e85
c9b676abdb36ea6ccf133eb7641236a7f53dd815
d14d28eea362f345cb56e1ae1244737768d80bc60dea930f308bde89dfa0c0f1
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xooom-home.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:09:29 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663754969.dop203.sk1.t,1663754969.cds252.sk1.hn,1663754969.cds206.sk1.c
X-Firefox-Spdy: h2
xooom-home.in/index_1.html
200 OK 633 B URL HTTP/1.1 xooom-home.in/index_1.html
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1851), with no line terminators
Hash 2b35b9d12c9ddc8ed5756263f796bf68
b746318f1751db2f0f9f61cb620b391d2abb38ff
c1fa9957bbbfdd832b92aa160d317321edc2d6ffe6ee7d42bd3e42b95c54be57
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /index_1.html HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Sep 2022 09:29:12 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngh7oSS0HLBZrpHOu%2FDH5rQsRACTY%2F7cGY%2FB9E9EH4ec8wHxKhWAo1E3z3gAr%2BcuEU2oYQPfgJ6Onto0GKYm7sCJxxQ7xeG3YBE0f8vmh2C9fp54vZ9VKYcrJ96lSS3C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e20171ab4db50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xooom-home.in/index_3.html
200 OK 273 B URL HTTP/1.1 xooom-home.in/index_3.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (309)
Hash 6e07cba1e71559056833307f5fdd7e0b
1ffc445f290bb859719594c3799cbbecb928e126
f6361b9daa0459ecac1d7e97e856d5d006867bad6ef428a9cfc01db7486a8bb7
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /index_3.html HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Sep 2022 09:29:13 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7QgQNxHCKEK8JfTsL7ZGNCBSg9v9QS%2B2uXvKg6RSPQ7Sjc4cqYXQjhkhITCIT4tL%2FYcriTXsX7ZqyL5djGEZaz%2FWWkRVSs8doAYyXQvmZjPQ6Q1QTq8MHwrsqWXD03F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e20171ac960afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xooom-home.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 13:42:27 GMT
expires: Sat, 16 Sep 2023 13:42:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 419222
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xooom-home.in/ttb6FCoZNodtISkM.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/ttb6FCoZNodtISkM.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /ttb6FCoZNodtISkM.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:20 GMT
ETag: W/"0-183219510b8"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yg%2B6%2F3HB%2FFN9BZkN58WCDPl0bQXR3VsJFi4ldBTB0Fv9yxDNBoaz553qac9kHW2VPtAQpvEz0TF%2FfijofaVYFIKaniu3j6sIG9A8NbNsnWSJOTl2KQj1N1JnsK3YAPrj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201725f22b518-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/5lJPM2fAYsQkV9dy.png
200 OK 81 B URL HTTP/1.1 xooom-home.in/5lJPM2fAYsQkV9dy.png
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Analyzer Verdict Alert openphish TD Bank Group
GET /5lJPM2fAYsQkV9dy.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 81
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:06 GMT
ETag: W/"51-1832194d7ec"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OnAirO1SdZATT5YEgONAedWd1x0A75xyBxJmElcG8FTJ8xAlXMrReNaQRtpFYJ3etr7imqm4k7hArvIfyp%2BYiazjF5NnM8nC8VglDMq4pzBkGZF69wS3%2Boi2wJNEiQp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201725d520afe-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:09:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xooom-home.in/ttb6FCoZNodtISkM-2.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/ttb6FCoZNodtISkM-2.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /ttb6FCoZNodtISkM-2.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:20 GMT
ETag: W/"0-18321950ef0"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uySO5FtwhEuHNPhewWgFueayL4S%2Fku%2BkN%2BFsvuDODS%2BCNvUJqyrd2y843TmSVtFD7WLEzS1WRjuMZ%2FsyOBnNEnwwgW%2FW4Y1oMosdyyZAEB4Gb5HDwB8vaSJbczLnFPwh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201726c4ab50f-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/ttb6FCoZNodtISkM-1.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/ttb6FCoZNodtISkM-1.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /ttb6FCoZNodtISkM-1.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:19 GMT
ETag: W/"0-18321950d14"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jk%2FTElFU%2FVTSY86Fud73h%2BlosEyK0MiDbPThW58aA5xPLu4m1jh0pBSBozi%2BQkOpOpyyNaogvwySCGjLzLW6ordx7heBIhFUpLA7EUR4%2BfbhDeJCwQq0sF%2FjF%2Bbn1hVK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201726b86b50b-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/MhwEyduuFk0MxpDt.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/MhwEyduuFk0MxpDt.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /MhwEyduuFk0MxpDt.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:16 GMT
ETag: W/"0-18321950044"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWn9dVPX5hZPTYWTOP8jLa3H0BMfURUTmSS5KOzvVTK58TQyasgAZn8sa%2B3stdjcuulp9eXIcbRGVNv%2F9BLAjuHKwhnS4S2zRG8aZPRx5G8phGokfPpgXD9QDABtknmH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201726abf0b59-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/index_4.html
200 OK 341 B URL HTTP/1.1 xooom-home.in/index_4.html
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (373), with no line terminators
Hash 06a518b7907cc681a628acacc659701f
7fcb4a5aa37cdfbaad7590c2d6599ee42f6048c1
725b26e00a47aba4c543de87683a8b1f038231184eedbbe291a577eef721c9d7
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /index_4.html HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Sep 2022 09:29:13 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07ZqZodVKIf%2FWPN3rAOan%2FUyp22hPc8bY5WJwVvetNrlLZvsce61ljrWOEqE%2BdbxK3J0kJguzak%2BVdztoN02WaX6xcdW6UCmlNmmaXB60M1zdLd92yTrjplzfUTJ3g%2BB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e20172ede00afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
xooom-home.in/styles.14a50f9555310c5a926d.css
200 OK 46 kB URL HTTP/1.1 xooom-home.in/styles.14a50f9555310c5a926d.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65413), with CRLF line terminators
Hash e092a1c2d9db562dd9db6ebac6a0abed
d7d86ac6b305eca9885f84a62bcac1d764bb5984
8acc54833bb310e9d311e8008bc3a348c1061dfad42a12c110c15e233fb717ec
Analyzer Verdict Alert openphish TD Bank Group
GET /styles.14a50f9555310c5a926d.css HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:18 GMT
ETag: W/"4adce-18321950970"
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4B9x%2B0NDxA8J0lss%2FIY6IfDr%2BFPStYocnYhcaglOmku490vOqenFxOzrlAiVazdPR171PfbgCMoScJpwDLwjdV7fE55KmE94Wba2HxOk9HqY27rCscRaiVPmYGvpEU7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20171bafeb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
xooom-home.in/index_2.html
200 OK 416 B URL HTTP/1.1 xooom-home.in/index_2.html
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (469), with no line terminators
Hash 845ea4c848c3e78f4f8c5235579056d8
9815b7e5641cfcc6733eb11df22487e5c93055e0
260f9dc7a434785304bf471c5565d5edc9029b24b73084226782b990ef79a06d
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /index_2.html HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Sep 2022 09:29:13 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuruvsvMmD%2FVxiptuHzr8JULgmZQRhoSNInTqb6PJ1aAQ52Ftn%2FTv3k80ij1bOKPFrHWWAmS10ovuIExIVb97HykFTnqJFjVlnnWZEZzYRloPMH4DDrWs8jBpq3KA03n"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e20172bf82b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:16 GMT
ETag: W/"0-1832194fe84"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVembToQ3y9ixjkwJfhutsFK4XNrzJErOZ%2BaM2m3tJ%2BlfdNqV4BmXIVlBOC2Nq6jA%2BMXjm%2BcugyDYky4Zw26qSOGFD43m776P89253Y03Z2LYTIWz5H9NJsoG7QBYEWQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20172fd06b50f-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx-1.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx-1.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx-1.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:14 GMT
ETag: W/"0-1832194f9c4"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6ZwiFqerqwPvgLgmCQaeGkoyQPVD%2BcTos%2B3TIlS90PVp0tBa65EPu2T4pyAdnnckuru%2FAyKksj3uctnrt2dxlSPNnhILDrja88jNEpe8K7cNmQXSY5DbQW8tNAD2x57"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201731c5db50b-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx-2.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx-2.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx-2.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:15 GMT
ETag: W/"0-1832194faf4"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XssX5HJfP3hgRzIypMmHKwipxcbXR%2FY2M0d7lnTTpbYMgiNqmV4wZqH7xVopx%2Bdeqo9jiMPfhVbaQTjNPL80vrZsVYAsg%2BauvS2XNKQwLUnjbHji3KcTpph0BfkSaLZ7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201733e1e0afe-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx-3.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx-3.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx-3.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:15 GMT
ETag: W/"0-1832194fb8c"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRVT%2Fi0VeoRm%2FP6zw4utQVM8YsryZADGrYoKOIiqoZVl1pOrrFm80qC1daBQfy9iDymD2xfHwrJWR%2BIbClHDIUvmwln%2B6vW63W4Q6%2BCAYGf8NPPC%2BzdEG36LCGpzyOtj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201735d3db521-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /LkByJCL4cY1aBfVx HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Sep 2022 09:29:14 GMT
ETag: W/"0-1832194f7c4"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GZuBIiRU0h3T0pKf4qtHIpgLrZHC%2Fn9TEOUF86AiYSk760dOVoveDvNmCXQRjofArKBNo%2FFZkpXfAJOrDCq1wRe%2FEoBUE8zND5oiuyiaaIjtYNhThyVhes0mRjrCFg1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e201735b980b59-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx-4.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx-4.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx-4.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:15 GMT
ETag: W/"0-1832194fcbc"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PskHxN5WayZ6%2BlaK3t4AxvncPlumN9qNzRi2lR6930xLwzRQVcShRkkEq5lsZviEevzFxYeo1XYrMD%2FdFrK6NZ%2FQHGfcSIxUnYrCuGzIuWA9haerk8Dx%2BIr9HGYPU%2BKi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173683ab518-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LkByJCL4cY1aBfVx-5.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/LkByJCL4cY1aBfVx-5.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /LkByJCL4cY1aBfVx-5.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:15 GMT
ETag: W/"0-1832194fd54"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajcuQzZ7dLVQds33UcyG5Cr8sLqUA%2FmSvfJ2Kfhp%2FN%2FOozpA5VrUIsPgOFsR6JWPjOGqY5giHAPA5o5%2FiToPzWvcbZz893iKyhkSPxeEKbVxmJqllfdq%2BzJ%2BqaOEXbiJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201738da1b50f-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/country_ca.png
200 OK 228 B URL HTTP/1.1 xooom-home.in/country_ca.png
IP
File type PNG image data, 44 x 32, 8-bit colormap, non-interlaced\012- data
Hash 6734710d514e2b970927d9656f239ee7
ff5544805b41ebfeacdc1a6adcec634943d51c85
0373017fc21c582e0897f8f97d648ccc9fbd188a315b74940a86cbfdb4f361fb
Analyzer Verdict Alert openphish TD Bank Group
GET /country_ca.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 228
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:06 GMT
ETag: W/"e4-1832194da48"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zztxh42BNKHzhnppb9MuAY2h6ArwSMAvP5Uo2lZnf5q2JGlv9xoiMu7XRuPy%2FbpaOU%2FOimBZrWu6%2BLwVbkVwRN1M9ibupuPdfKqg8OkvdJDGmMA8sM%2FL1p95APJCZ8XE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173ad32b50b-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/td-logo.png
200 OK 3.2 kB URL HTTP/1.1 xooom-home.in/td-logo.png
IP
File type PNG image data, 89 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash d6ec7ee7762d9cd12060f73045d408cb
d88f3d0e766fff7f28d3defefe5789f1b4607a74
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca
Analyzer Verdict Alert openphish TD Bank Group
GET /td-logo.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 3175
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:17 GMT
ETag: W/"c67-18321950358"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7GlP6MNThyHQnW7Dk%2BxVCwwurlNxKp9AhLGTzXCXiWIPZzwxEF%2F%2BRD37iDdlRKjoi3eosh8EfKxpWy%2BzGiIhfO9pGLAt3tRCoJb3YL82%2F%2BHjL73h0En%2BylA3bNcxgZ2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201742e6fb50f-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/weblysleekuil-webfont.6755d12c56285cf53676.woff2
200 OK 19 kB URL HTTP/1.1 xooom-home.in/weblysleekuil-webfont.6755d12c56285cf53676.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18916, version 0.6553\012- data
Hash 72edbbed6903a12b8b4cec692cceb12c
994bef1431bd74db54f55db8591a5ce8852d0004
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /weblysleekuil-webfont.6755d12c56285cf53676.woff2 HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://xooom-home.in/styles.14a50f9555310c5a926d.css
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: font/woff2
Content-Length: 18916
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:22 GMT
ETag: W/"49e4-183219517d0"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BL0PDAIHeL4OIEBkhJ2M0tofWEc76ucgpLazRjaVfX%2Ffncnh%2FXnT4EAPlKK%2BxT3G%2FSKZ5W7pCdJMwQlLJvvHmvzw3xLl%2Fi%2B2IEuEkXCykZH51L9qrsAb%2F60trSSJy3n"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173f907b518-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
200 OK 22 kB URL HTTP/1.1 xooom-home.in/weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21472, version 0.6553\012- data
Hash 126e02064a18f3b18704b05b369a7d10
4e0b6c5bf20f976ac41df32bf9d9b8ccc102d8a3
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /weblysleekuisl-webfont.66604a205b26ae0393b2.woff2 HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://xooom-home.in/styles.14a50f9555310c5a926d.css
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: font/woff2
Content-Length: 21472
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:24 GMT
ETag: W/"53e0-18321951d34"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7lb5sXJaoGdN9xgD5CMRwr3DhKmw1ufMSqOjswuZMzlz1pUMyOOs%2FgwQUIHJTDC15vbHphugaxk4JXyp3ns13V8gwp28KuxBAXxj2D62jOYx4TH94zk1I8vnvUzhKYD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173cea20afe-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2
200 OK 38 kB URL HTTP/1.1 xooom-home.in/TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 37564, version 1.0\012- data
Hash 7a410328894badfcdb0e2f48e2d2919f
af7164d1f63a19aef55636f18011ee547eb496f2
43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2 HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://xooom-home.in/styles.14a50f9555310c5a926d.css
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: font/woff2
Content-Length: 37564
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:18 GMT
ETag: W/"92bc-183219506f4"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCGHipwayai2U0Z9jaRgH%2BMNDWqcjlwDjIO9EDY2ZUX8yNGP%2FaEwuAOom8znb%2BlRTp%2Bu0LArI6T3AW5s7n4CvZnT8Gmt9fFj9D%2F79p4FCDANA2xvxfBmTDBoL2FqJK7M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173edf9b521-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/LVxRG2tzLtdnJNan.png
200 OK 81 B URL HTTP/1.1 xooom-home.in/LVxRG2tzLtdnJNan.png
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Analyzer Verdict Alert openphish TD Bank Group
GET /LVxRG2tzLtdnJNan.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 81
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:16 GMT
ETag: W/"51-1832194ffb0"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUSoLgK4yTVNK31rXfrt9uFhz4pM7H%2Bxhf%2B8aeSrZTzEYTch8xti0h18GKOqAFS4mVq8zIIuTnpO6Jj%2FW5v7R1U6%2BHnfen2nuu00ZLDm9JTUXchEBfCS9myGweE5ZKPE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201747ebdb50f-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/DX_jZVWwKffuyhhM.png
200 OK 0 B URL HTTP/1.1 xooom-home.in/DX_jZVWwKffuyhhM.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish TD Bank Group
GET /DX_jZVWwKffuyhhM.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_2.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:07 GMT
ETag: W/"0-1832194ddd8"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRHE%2FvUjkxogQnuhJ5duoYG2%2BFVwRirJSmoJdNuSzJtIRsEa0aDUWoSgjtX4I8yVjw2P68CnME0VfEHTVkDYVTNRT3cBMdJnNGBimAh%2FY%2F0TkswCZcZzQtE9hALJWi%2B4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201748a0eb518-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dq4LDcRutk1p1nkQ6YjDAISqb5e0n61BsgmX8y4JfJBCxAczQuw2zA==
Age: 368
xooom-home.in/icons.4a4e4163bc508eee5cec.woff2
200 OK 49 kB URL HTTP/1.1 xooom-home.in/icons.4a4e4163bc508eee5cec.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 48892, version 1.0\012- data
Hash 97ca9b9b49614925613feb4158e1f51b
f0876338238f24a889b137c5cc047c3e09b3e4df
90400b04843bd9ff25ca2b1864b794caf7f50dfd1171707339ab9c0cf63c78c7
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /icons.4a4e4163bc508eee5cec.woff2 HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://xooom-home.in/styles.14a50f9555310c5a926d.css
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: font/woff2
Content-Length: 48892
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:10 GMT
ETag: W/"befc-1832194e8f4"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyCK7ESJNPSeAOtqrnz2wPWfRwDspkn5XGCHWfbV%2Fl41kDqDxNt1yz9VbCg0dXRShaQeFghIGVX%2BAKtTRh7C%2FSC6Vm0bRGI11Bfi2EImAPGPolqGecSWjcjVlkVLyVQk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20173ec270b59-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/country_us.png
200 OK 156 B URL HTTP/1.1 xooom-home.in/country_us.png
IP
File type PNG image data, 44 x 32, 4-bit colormap, non-interlaced\012- data
Hash 41cc8bb4b75bb0eade7233b4cfcb08a3
d90cf942e3bac8385867d96cd6cd1cd9136bacc1
d6b16b0f2068f7256c58f598770ae2ab34dfa4a4add0316fdd5057b1953a408c
Analyzer Verdict Alert openphish TD Bank Group
GET /country_us.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:07 GMT
ETag: W/"9c-1832194dc18"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL1MMOuXa9BS3DgnuT%2FhezdO%2BusPulp9TVYSbt8znWbBnGAXVz2IU2aUkyBLiEzAoTIwZOG4QwZFF51rQmMcqcCciDtOISEgA00h0AVlQRxcmSnWdTP7tG3sUqcWYWjy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20174befeb521-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/DvN7Rl9Ww6QESL-J.png
200 OK 81 B URL HTTP/1.1 xooom-home.in/DvN7Rl9Ww6QESL-J.png
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Analyzer Verdict Alert openphish TD Bank Group
GET /DvN7Rl9Ww6QESL-J.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/index_1.html
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 81
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:07 GMT
ETag: W/"51-1832194dc9c"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceKTHDSh5%2BaxTjv3oBoRftjLO64JCPjfQXs7M6JWa%2BzAXmp4UWfQogQYicx8iRrYlDn8mezvB9MxJBVYL1j3FwuDgE45q4a%2Bo9rUABpO140%2BmqB0Ejdc%2FwqygKiUTOOE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201749f630afe-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/footer_seat.png
200 OK 158 kB URL HTTP/1.1 xooom-home.in/footer_seat.png
IP
File type PNG image data, 636 x 566, 8-bit/color RGBA, non-interlaced\012- data
Size 158 kB (157576 bytes)
Hash b1d7c3170c6dfafd7e89ea29aadf3c53
6f7131956ce52c3a40d7d9bfc723afc7de2422e0
2e3f935ac779b7440c7ce9981857ed58156acf3c0c4e65bac733b31210f6fb97
Analyzer Verdict Alert openphish TD Bank Group
GET /footer_seat.png HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/png
Content-Length: 157576
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:09 GMT
ETag: W/"26788-1832194e5f0"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkFJnrilRPil7ICcEwRMXsUl7%2BjhdPONT4I6epYcWoZtRbOC4nzZ3YwAcXX0Vig%2BTB%2F72aXL0oiJgJ5GruQSouVav5T%2BNioY%2FpKszo4C48LKbpqqahvQivbYV8jTmWsJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e201743db5b50b-OSL
alt-svc: h2=":443"; ma=60
xooom-home.in/favicon.ico
200 OK 117 B URL HTTP/1.1 xooom-home.in/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 6d8519fd624376c046cbf7661a83df22
8e00dae9b4726163dcae0aebf1cca5525a33afec
21e02c0bf789c64daeaf95e96ce96ebea2ab3ee9495a4695dd35a132ac50c1bc
Analyzer Verdict Alert openphish TD Bank Group
GET /favicon.ico HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:09:30 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=14400
Last-Modified: Fri, 09 Sep 2022 09:29:08 GMT
ETag: W/"13e-1832194def8"
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvlmNGYhwVGVEYjR8D%2FWqEeo7Dz8ZTMiJmlk7XOqT8aftHp6ajGbyq5ZRju91X6zPdMRo5QBrtEIlsr%2FUp6YTz8U6eh2XLEa%2BRaGVd8ZnoguWCAGcEw%2BJ6Dm%2BCpHK0ww"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e20175af38b50b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:09:30 GMT
Last-Modified: Wed, 21 Sep 2022 08:23:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3/9+O1S+nlmrFiGNh0EZBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ed+cC4+WuNWclC3E1GfyS+E9KTY=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11042
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:09:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11042
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:09:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11042
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:09:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 42458
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 70271
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 0c8a78d5-44be-47f4-927a-f39b0d0dc86f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvoh3GT2oAMFvig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295472-73b322996216171a342783b7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 05:49:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: a7rPEaM9bqheTlQP1Hr5xwHgW8HenLAvoH95TTtGFu0169tsGnheFQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:29:09 GMT
age: 42023
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 44003
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 44774
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4df06b3e4176e8f080c997bfae578142
0850ed5db509f8a75439eca5866c2bb6ca3195d3
43e8bfd931d778ac5ebf2d4a8c9915cb05394b6499f9a8575cfc8ce93edd7d92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: fd67c05a-0e9f-4b9d-9c26-512548f75b99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvYxG8TIAMFfbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c37-687c7aef7c45adce6f7ac52d;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tLkR_htJKic-P8EhJeRkLB5uZmGsjj9OV-qKakop9O8ySOMognSgjw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:08:20 GMT
age: 43272
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xooom-home.in/forms/%3C%=token%%3E
400 Bad Request 155 B URL HTTP/1.1 xooom-home.in/forms/%3C%=token%%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /forms/%3C%=token%%3E HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 21 Sep 2022 10:09:32 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
xooom-home.in/forms/%3C%=token%%3E
400 Bad Request 155 B URL HTTP/1.1 xooom-home.in/forms/%3C%=token%%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /forms/%3C%=token%%3E HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 21 Sep 2022 10:09:34 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
xooom-home.in/forms/%3C%=token%%3E
400 Bad Request 155 B URL HTTP/1.1 xooom-home.in/forms/%3C%=token%%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /forms/%3C%=token%%3E HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 21 Sep 2022 10:09:36 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
xooom-home.in/forms/%3C%=token%%3E
400 Bad Request 155 B URL HTTP/1.1 xooom-home.in/forms/%3C%=token%%3E
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
Analyzer Verdict Alert openphish TD Bank Group
fortinet Phishing
GET /forms/%3C%=token%%3E HTTP/1.1
Host: xooom-home.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://xooom-home.in/
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Wed, 21 Sep 2022 10:09:38 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
172.67.144.218
93.184.220.29
23.36.76.226