loomish.com Open in urlscan Pro
192.254.232.252  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request card.htm Show response loomish.com/wp-includes/ID3/	59 KB 16 KB	531ms 202ms	Document text/html	192.254.232.252 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://loomish.com/wp-includes/ID3/card.htm Protocol HTTP/1.1 Server 192.254.232.252 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software nginx/1.14.0 / Resource Hash eea451699c8483d038194c354c08ae0267d41f248c11f2a76b4146a9ba1e5c4f Request headers Host loomish.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx/1.14.0 Date Sun, 07 Oct 2018 03:01:19 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Last-Modified Sat, 06 Oct 2018 14:28:16 GMT Content-Encoding gzip
GET S	200	bootstrap-min.css www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/css/	118 KB 20 KB	97ms 6ms	Stylesheet text/css	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/css/bootstrap-min.css Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 15 Jun 2016 23:09:52 GMT server Apache vary Accept-Encoding content-type text/css status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 19747 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	bootstrap-theme-min.css www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/css/	23 KB 3 KB	101ms 12ms	Stylesheet text/css	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/css/bootstrap-theme-min.css Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 15 Jun 2016 23:09:52 GMT server Apache vary Accept-Encoding content-type text/css status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 2776 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	77b924a83312878dd46ac7dff08d0eecb52c7b.css www.paypalobjects.com/eboxapps/css/2c/	161 B 340 B	101ms 12ms	Stylesheet text/css	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/eboxapps/css/2c/77b924a83312878dd46ac7dff08d0eecb52c7b.css Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 04ff6df7393311dca2858a4964c0b78c8c6d7e05ce7e2df78cde2a86f358c2da Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 20 Dec 2016 01:13:59 GMT server Apache vary Accept-Encoding content-type text/css status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 132 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	b6a170848d6e52520ff377847df91ba670da58.css www.paypalobjects.com/eboxapps/css/57/	225 KB 35 KB	102ms 12ms	Stylesheet text/css	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7d8d74f3e63a9f0a9ecd6939d9494fa44251fbbf3407f38486058019c64d6aa1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 01 Aug 2018 20:26:21 GMT server Apache vary Accept-Encoding content-type text/css status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-length 35429 expires Sat, 05 Jan 2019 03:01:19 GMT
GET H/1.1	404 Not Found	Cookie set google_analytics_auto.js loomish.com/	0 0	1116ms 1071ms	Script text/html	192.254.232.252 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://loomish.com/google_analytics_auto.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol HTTP/1.1 Server 192.254.232.252 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS Software nginx/1.14.0 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host loomish.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://loomish.com/wp-includes/ID3/card.htm Connection keep-alive Cache-Control no-cache Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Sun, 07 Oct 2018 03:01:20 GMT Content-Encoding gzip Server nginx/1.14.0 Vary Accept-Encoding,Cookie Connection keep-alive Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Set-Cookie PHPSESSID=f55d82e5ad83d2a929ca5d6530e82068; path=/ Expires Wed, 11 Jan 1984 05:00:00 GMT
GET S	200	oneTouchInject.min.js Show response www.paypalobjects.com/web/res/e59/ec6c2b16fc0a5365f00c2a3798b1c/	3 KB 2 KB	102ms 13ms	Script application/x-javascript	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/web/res/e59/ec6c2b16fc0a5365f00c2a3798b1c/oneTouchInject.min.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash bb0137cafd9fd7cb0dd226887a73a0c265b53f41979d7a51c4563543b80aa2d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT x-pad avoid browser bug x-content-type-options nosniff last-modified Tue, 18 Oct 2016 22:40:13 GMT server Apache vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-encoding gzip content-length 1334 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	vendors-react-min-15-2-1.js Show response www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/js/	145 KB 43 KB	8ms 6ms	Script application/x-javascript	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/website/marketing/global/ss7/js/vendors-react-min-15-2-1.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 031e03a8d5b71587acfa61901e792304b985f91ffc6e594e179d59f292f5db3c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT x-pad avoid browser bug x-content-type-options nosniff last-modified Mon, 11 Jul 2016 22:04:44 GMT server Apache vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-encoding gzip content-length 44076 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	19f76736c697605fcf04cee356cecf0fdb1dc2.js Show response www.paypalobjects.com/eboxapps/js/b0/	68 KB 22 KB	10ms 9ms	Script application/x-javascript	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/eboxapps/js/b0/19f76736c697605fcf04cee356cecf0fdb1dc2.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a67e3180db776a94176d35d785374d2ad85a3d836c476eb003098afa8b5fc4d8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT x-pad avoid browser bug x-content-type-options nosniff last-modified Wed, 29 Aug 2018 20:51:44 GMT server Apache vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-encoding gzip content-length 22224 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	404	c86c6a0519u2uxzD2vfQp3SHiTaF67gsVfzLy5nJFq.js www.paypalobjects.com/eboxapps/js/8b/	0 0	206ms 205ms	Script text/html	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/eboxapps/js/8b/c86c6a0519u2uxzD2vfQp3SHiTaF67gsVfzLy5nJFq.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache expires Sun, 07 Oct 2018 03:01:19 GMT cache-control max-age=0, no-cache, no-store content-type text/html; charset=iso-8859-1
GET S	200	pa.js Show response www.paypalobjects.com/pa/js/min/	29 KB 10 KB	11ms 10ms	Script application/x-javascript	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/js/min/pa.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 17580e53b0df728ea5ad89feb3a46355405aa07f79f7150919a2c12049e90157 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT x-pad avoid browser bug x-content-type-options nosniff last-modified Wed, 19 Sep 2018 03:03:44 GMT server Apache vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=3600 strict-transport-security max-age=31536000 accept-ranges bytes content-encoding gzip content-length 10189 expires Sun, 07 Oct 2018 04:01:19 GMT
GET S	200	bs-chunk.js Show response www.paypalobjects.com/tagmgmt/	67 KB 19 KB	12ms 11ms	Script application/x-javascript	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/tagmgmt/bs-chunk.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 76ff37f657185e7349a8fab1614de90fd15924ccd2155b7267f46776d2b17aa9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:19 GMT x-pad avoid browser bug x-content-type-options nosniff last-modified Fri, 08 Jun 2018 16:41:33 GMT server Apache vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=7776000 strict-transport-security max-age=31536000 accept-ranges bytes content-encoding gzip content-length 19288 expires Sat, 05 Jan 2019 03:01:19 GMT
GET S	200	sprite_countries_flag4.png www.paypalobjects.com/webstatic/mktg/icons/	68 KB 69 KB	9ms 8ms	Image image/png	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 94ffc263295036858354cea9af2d7f0e45e1a030e781edd1655727c4b0eb226c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Sun, 07 Oct 2018 03:01:20 GMT x-content-type-options nosniff last-modified Tue, 02 Dec 2014 22:01:37 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 69730 expires Sun, 07 Oct 2018 03:01:20 GMT
GET S	200	ppcom.svg www.paypalobjects.com/webstatic/i/logo/rebrand/	5 KB 2 KB	6ms 6ms	Image image/svg+xml	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom.svg Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 07 Oct 2018 03:01:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 21 Apr 2014 21:29:42 GMT server Apache status 200 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * strict-transport-security max-age=31536000 accept-ranges bytes content-length 2352 expires Tue, 06 Nov 2018 03:01:20 GMT
GET S	200	PayPalSansSmall-Medium.woff2 www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/	38 KB 38 KB	93ms 8ms	Font application/font-woff2	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Medium.woff2 Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css Origin http://loomish.com Response headers date Sun, 07 Oct 2018 03:01:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:06 GMT server Apache status 200 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * strict-transport-security max-age=31536000 accept-ranges bytes expires Tue, 06 Nov 2018 03:01:20 GMT
GET S	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/	37 KB 38 KB	104ms 18ms	Font application/font-woff2	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2 Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css Origin http://loomish.com Response headers date Sun, 07 Oct 2018 03:01:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:06 GMT server Apache status 200 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * strict-transport-security max-age=31536000 accept-ranges bytes expires Tue, 06 Nov 2018 03:01:20 GMT
GET S	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/	36 KB 37 KB	98ms 13ms	Font application/font-woff2	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2 Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software Apache / Resource Hash fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.paypalobjects.com/eboxapps/css/57/b6a170848d6e52520ff377847df91ba670da58.css Origin http://loomish.com Response headers date Sun, 07 Oct 2018 03:01:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:06 GMT server Apache status 200 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * strict-transport-security max-age=31536000 accept-ranges bytes expires Tue, 06 Nov 2018 03:01:20 GMT
GET S	404	c86c6a0519u2uxzD2vfQp3SHiTaF67gsVfzLy5nJFq.js www.paypalobjects.com/eboxapps/js/8b/	0 0	6ms 6ms	Script text/html	2.20.22.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/eboxapps/js/8b/c86c6a0519u2uxzD2vfQp3SHiTaF67gsVfzLy5nJFq.js Requested by Host: loomish.com URL: http://loomish.com/wp-includes/ID3/card.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.20.22.134 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-20-22-134.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer http://loomish.com/wp-includes/ID3/card.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache expires Sun, 07 Oct 2018 03:01:20 GMT cache-control max-age=0, no-cache, no-store content-type text/html; charset=iso-8859-1
GET H/1.1	200 OK	serverComponent.php Show response nexus.ensighten.com/paypal/paypal_chunk_poc/	0 761 B	363ms 172ms	XHR text/javascript	52.52.65.159 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://nexus.ensighten.com/paypal/paypal_chunk_poc/serverComponent.php?r=434.29714064080895&ensJson=true&ClientID=1620&PageID=http%3A%2F%2Floomish.com%2Fwp-includes%2FID3%2Fcard.htm%3Ftms_country%3DUS%26tms_enforce_policy%3D%26tms_targeting%3Dundefined%26ensJson%3Dtrue Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/tagmgmt/bs-chunk.js Protocol HTTP/1.1 Server 52.52.65.159 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-52-65-159.us-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://loomish.com/wp-includes/ID3/card.htm Origin http://loomish.com Response headers Expires Sun, 07 Oct 2018 03:01:19 GMT Cache-Control no-cache, no-store Content-Type text/javascript

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| antiClickjack object| modelData object| PAYPAL object| React object| ReactDOM object| griffinBundle undefined| appElement object| dataLayer object| fpti string| fptiserverurl object| ensBootstraps object| Bootstrapper string| k

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			loomish.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f55d82e5ad83d2a929ca5d6530e82068

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://loomish.com/wp-includes/ID3/card.htm(Line 44) Message: %c WARNING!!!
console-api	log	URL: http://loomish.com/wp-includes/ID3/card.htm(Line 45) Message: %c This browser feature is for developers only. Please do not copy-paste any code or run any scripts here. It may cause your PayPal account to be compromised.
console-api	log	URL: http://loomish.com/wp-includes/ID3/card.htm(Line 46) Message: %c For more information, http://en.wikipedia.org/wiki/Self-XSS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

loomish.com
nexus.ensighten.com
www.paypalobjects.com
192.254.232.252
2.20.22.134
52.52.65.159
031e03a8d5b71587acfa61901e792304b985f91ffc6e594e179d59f292f5db3c
04ff6df7393311dca2858a4964c0b78c8c6d7e05ce7e2df78cde2a86f358c2da
17580e53b0df728ea5ad89feb3a46355405aa07f79f7150919a2c12049e90157
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
76ff37f657185e7349a8fab1614de90fd15924ccd2155b7267f46776d2b17aa9
7d8d74f3e63a9f0a9ecd6939d9494fa44251fbbf3407f38486058019c64d6aa1
94ffc263295036858354cea9af2d7f0e45e1a030e781edd1655727c4b0eb226c
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
a67e3180db776a94176d35d785374d2ad85a3d836c476eb003098afa8b5fc4d8
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
bb0137cafd9fd7cb0dd226887a73a0c265b53f41979d7a51c4563543b80aa2d9
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea451699c8483d038194c354c08ae0267d41f248c11f2a76b4146a9ba1e5c4f
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e