Report - ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t

Report Overview

Submitted URL
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t
IP
208.75.122.11
ASN
#40444 ASN-CC
Submitted
2024-03-29 14:05:52
Access
public
Website Title
5d3647a87cec464d8aeb23e31a4037536606cab6c48c3
Final URL
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Tags
microsoft phishing outlook
urlquery detections
Phishing - Microsoft
Phishing - Microsoft Outlook

Detections

urlquery
17
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-03-28	1.7 kB	70 kB	104.17.3.184
classify-client.services.mozilla.com	3824	1994-10-18	2019-01-09	2024-03-28	357 B	344 B	34.98.75.36
aadcdn.msauthimages.net	4795	2018-11-12	2019-08-14	2024-03-28	522 B	22 kB	152.199.21.175
unpkg.com	11693	2016-01-06	2016-01-08	2024-03-28	816 B	84 kB	104.16.123.175
ri8hc4gbb.cc.rs6.net	unknown	unknown	No data	No data	759 B	434 B	208.75.122.11
bedfoundation.net	unknown	2022-10-08	2023-01-12	2024-03-26	564 B	390 B	103.191.241.46
luxuway.com	unknown	2023-12-19	2023-12-19	2024-03-28	10 kB	643 kB	172.67.221.192

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (62)

	URL	Size	First Seen	Last Seen
	luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b	6.4 kB	2023-10-11	2024-04-27
Pretty URL luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-11 19:03:08 Last Seen2024-04-27 04:04:31 Times Seen43800 Hash 82ff6e77e3b8f004b23294185e108264 03c685b50fd4587427495348cd1231882a8c48d0 0e230a53a5d5abd125c2a8e1cdd97b32ddd84a9f7fd07c23bff95413886b05fa Loading...

	luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806	86 kB	2023-03-07	2024-04-27
Pretty URL luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806 IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 08:24:15 Times Seen385014 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	37 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-04-27 08:22:10 Times Seen231879 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unpkg.com/axios/dist/axios.min.js	42 kB	2024-03-15	2024-04-27
Pretty URL unpkg.com/axios/dist/axios.min.js IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 17:36:33 Last Seen2024-04-27 04:04:33 Times Seen10010 Hash 3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304 Loading...

	unknown	79 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-04-27 08:22:10 Times Seen124585 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809	51 kB	2023-03-07	2024-04-27
Pretty URL luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809 IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-27 08:21:05 Times Seen244924 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6	0 B	2023-03-07	2024-04-27
Pretty URL luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 09:03:59 Times Seen37115284 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 377c8d4cc277fcf7db83a75ab33c62ce	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 377c8d4cc277fcf7db83a75ab33c62ce 0da6e8e3cf87ba0dac9459e347d5a29cb68ef328 4dbe945778c889202c1dcd4e2c746668ef043d45f2e0eed3c246c64804a5c7f1 Loading...

	#2 Eval - 6343cade16a12c63389fef7e4b95914b	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 6343cade16a12c63389fef7e4b95914b 0902288d9d789a2ac870e5f3b22d06a827a69b56 18fc78c9bc35be992133fa97dc5e14081339ba1f305d1084f7664d8ffacf3791 Loading...

	#3 Eval - f52d021d605ca6950f90be2178fab982	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash f52d021d605ca6950f90be2178fab982 f8af10bb8fdfde6f6e4050a67484741ac7211b0e 9e1bc1616a8b30a14a3f59e9cc264ac10938cf5a6e3122bcd3f793c0e985dacd Loading...

	#4 Eval - 9d4b83ce88034a5ccb459903d6239630	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 9d4b83ce88034a5ccb459903d6239630 26b577605ede7f634a28e9a7640a54e3b3111980 7f1a0eefeada30b30b06601aa9b96084e52d18752d5e8c0bec4aaf753c5ccdd7 Loading...

	#5 Eval - 27820b95960d4b82dc16af928678a01b	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 27820b95960d4b82dc16af928678a01b 567dd098ba2e268529cae0db9cb581a6121c027e 5dcb5d93fce2cd0d9cb64e7c9584fd1142316fbce47e4d001b3f0604f1c30ed0 Loading...

	#6 Eval - d9616ceeee85276152660a118bf0fae9	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash d9616ceeee85276152660a118bf0fae9 290096e6f45729a6f88bc187899d5945d7a95532 9adeae9eb9aa1c6487f93a9a54d0c06e72fbbac3440023fbf29bf6a2d2328964 Loading...

	#7 Eval - 0dcdedd1a4ed88465912a5f90759a93b	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 0dcdedd1a4ed88465912a5f90759a93b 1d9cd28e4fe01ad6dcaa0ca5dc5586afa9052bb0 ef4fcca1943c5ef050351280d6235478ac2f82cd89dfd9e387492aa383039b94 Loading...

	#8 Eval - a6bc1bf4e264ad918d2bd0ef37817a2e	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash a6bc1bf4e264ad918d2bd0ef37817a2e 2dffb61874b26df693fdd85c71092f41f6a75cbf a73936be64af41ff993ba90631fdccc297f59839abc3ab3e1693c98b16d79300 Loading...

	#9 Eval - d655dfc32e3ca10734ab8ceed5500343	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash d655dfc32e3ca10734ab8ceed5500343 56e33a2d07a48f2a9e1f5720c29246eaad45fce4 8953fc0c990ffb79ad5a130637e237747d70e1ca9f60d988be18bd972803fc84 Loading...

	#10 Eval - 45ab19dae95b3d0162b7184ff5453716	1.1 kB	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 45ab19dae95b3d0162b7184ff5453716 146b417f5a1881378ee566bb1842343a64e631a5 b926fb0adc1006cc3e7232b04eefec070256b7ed4cb795bb20350bef0099dc7d Loading...

	#11 Eval - 33e0afd87d1a6d34e3a6afb9851948bf	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 33e0afd87d1a6d34e3a6afb9851948bf eb9f7e2243b2cf18a3ce6bb61004cb36387f69c1 34334455a9f6b6f9362274726d98d7ce72dd0670b4fddb631d3036ac97830f6e Loading...

	#12 Eval - 91d5601d629f1ddae0504e8d31e68488	533 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 91d5601d629f1ddae0504e8d31e68488 d1e706ae591595943ced1d860c9f76fef6058015 431662daa56994074a2f937488b03d399ef303da656288fa4cb10815e324e392 Loading...

	#13 Eval - c47bd4f391b5b34183812f20010c434a	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash c47bd4f391b5b34183812f20010c434a 38644e09fa0bb35105860039941075ca2cf2aa54 c95c05bc8af68521cfae20e2108334efdd1663640cd0bc52067c979473c652d1 Loading...

	#14 Eval - b73532056a9f60e5f7bac30cd9fa805d	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash b73532056a9f60e5f7bac30cd9fa805d 8f264d5fe96c355e324f1e6d6d67e353a2013988 51b275af3964d3ad639504c9cdda921c28090a5605d1f0c392a73666b3a349d0 Loading...

	#15 Eval - a2879793cee7967c020faebe0b166436	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash a2879793cee7967c020faebe0b166436 bf7ddee3a9b5d8c75d1c6b863ed02c78a9ebe932 b87b51d0bb4a4e63621206d8fb485d90b7d5611ba5e8a33f557e16c877931a4a Loading...

	#16 Eval - 3389a9ee255a0bd63c6663148892d9bb	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 3389a9ee255a0bd63c6663148892d9bb 3ca25578f5f96475d2aaa60c0f1a3ec9834d5747 1fb72ed567eff89bb17a9477d7b450ed73f21641685a94398e10e1394c6dd4eb Loading...

	#17 Eval - 7dab823b9748d2a8ce63e5ac6789199c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 7dab823b9748d2a8ce63e5ac6789199c 2161d960af2ae546b53bf148d375e7ad6ee9f153 9c26fbbe0d4daf6078803303808c7a666558ff82151f46e2f566a81e2f8604d8 Loading...

	#18 Eval - 239de13c5d0090ffec2cf5095d11bef1	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash 239de13c5d0090ffec2cf5095d11bef1 509f8e1b58bf2416af146942ce6d2c36c60df431 c01fa65ea1e76e97063dab5512808164cd14637955765a46e7a3246902a7e858 Loading...

	#19 Eval - d1def58e1e64bec3cc5024cd327a1e63	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash d1def58e1e64bec3cc5024cd327a1e63 2fe7a70ba5188d3ad75950df360ed1f6c0266707 7278b0128e729588a195c42ef5be75ec438bf3c98dbe7e72104507ba738698b2 Loading...

	#20 Eval - f94e79e24def5ae2f420cbfc288b3379	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:58 Last Seen2024-03-29 15:05:58 Times Seen1 Hash f94e79e24def5ae2f420cbfc288b3379 d64dc6c1d338fd23c82a04ad4680860670c2e406 d4ec9839111361cccc4f9061bdd1707e78f436f15af6549007108c28a7b0a7d8 Loading...

	#21 Eval - 75627149eea58163a9c29e7167d02385	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 75627149eea58163a9c29e7167d02385 e180b727be2ea6f50c388abb4885a02332fd3185 8566e0c5c21fc1209ed63929e69dd6bd0b0301dd84a2db0bc934bf1eba34fa2a Loading...

	#22 Eval - 7feb30402a16788a598e5d88317fcc36	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 7feb30402a16788a598e5d88317fcc36 01a12bfa12f39f13fcbc9f229dbdb9d9f22ce9ba dd5e1c80c2b45ab3b1abb40920d3991b3fc17e899194809500abc904c6e15f47 Loading...

	#23 Eval - 23d5475cd187dcf29e638b116a38fbfc	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 23d5475cd187dcf29e638b116a38fbfc a18348af1831e726a11f1e0e0ea5645000b503a2 d3cd089dd1bb9b7404395de57a49422f79abdba7cdc0495551313d62a150e954 Loading...

	#24 Eval - 190ef4edaf4aba9ce6829ea860b2cb65	61 B	2024-03-22	2024-04-04
Pretty Observations First Seen2024-03-22 10:35:33 Last Seen2024-04-04 15:56:11 Times Seen1815 Hash 190ef4edaf4aba9ce6829ea860b2cb65 84010fdde06dc04427d11aafdf4ba6495e14eff8 0334ef3ce9e77db17376ce3e320fe96b901743f1baa1096cc4066922ac672f8c Loading...

	#25 Eval - e1fa6266cfc6dccc028585d9e1e25794	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash e1fa6266cfc6dccc028585d9e1e25794 0d5df9a1164eca4b93a97c904e65f764015810d6 066405fcb755a87b543843ec28267343c3121f790a7b88bd5fc8b1905c9f1f0b Loading...

	#26 Eval - e1790aeba72d8ac55657e0f274770fc2	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash e1790aeba72d8ac55657e0f274770fc2 68e5c3af8bd0171ebdf9bd380029575f65ee3ee3 0bbae42d13af20320899d4d279c2ebb4fd424e663afe868fcaff652fd52dc786 Loading...

	#27 Eval - 00eb19130b0e32380f4df7deecabe2a3	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 00eb19130b0e32380f4df7deecabe2a3 8892757ebc6c14e56c78bfc592b703239e3521be e0bc2a12c028b27deb075f32cd151e3d5f55e80f166b4d25116a0de4015db12e Loading...

	#28 Eval - 236fd86b7c9973428bcb9ad9cfa1017e	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 236fd86b7c9973428bcb9ad9cfa1017e 1af7216d4850be9295962d158fa7ea471b931ade 65e2dcbb75261288c8aed9035dd9b9fe6029bbd3c7e26f84f5daa726ff0184d3 Loading...

	#29 Eval - abdfdf42ccce114effd6dbf0c030d906	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash abdfdf42ccce114effd6dbf0c030d906 2d42ab6f05212c54e253b23e60cd3eaca085de02 560bad0f490a45bba23cea65839ac38732c34565ed79d8d63d5517ef0475830e Loading...

	#30 Eval - 538516d3eff0b9aad0d106fb87114a56	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 538516d3eff0b9aad0d106fb87114a56 fecc95a391595dcf79da99248c427d876d1b0e7b 1ec42e462c2fb5d4ed87e49ce4e73cbb25f9a7010ac59a22325c9a20308bac1c Loading...

	#31 Eval - 36977205ccd32f25682e4318899498f5	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 36977205ccd32f25682e4318899498f5 847e10e8282140276fb570d90e029cd4f85f5450 8943f1cca32fd18856ddd67c281d87b2349784887cff7fbe9281198b9c51c820 Loading...

	#32 Eval - 92107b02634e9f110dc6d4c9719b88fa	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 92107b02634e9f110dc6d4c9719b88fa 13122a2eda96271999b453a2486a627c221bff90 92c486f916949c2643254f82c9a9ea53fd0ab713fbbea45e7ec7b08d3c33da01 Loading...

	#33 Eval - 8477d7ceeab2bdc716e067c5ed70bc99	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 8477d7ceeab2bdc716e067c5ed70bc99 863d93a69fd5bb5ba82b942c9ce363629b225148 29fa72cafbf5f13aff3c336f0271809e48bf7b4fec525fce81bbfa490817e30c Loading...

	#34 Eval - 4af028a9a6d431188c470876bc2f5325	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 4af028a9a6d431188c470876bc2f5325 83c33eeccdd0d6de35290af5069d050316ad8dff 8d497e90e360a980d6d2bfb9842a43ff1d316e67261fa6bb8ce0d3eb285be450 Loading...

	#35 Eval - d8bffb4ecfb18c958c717ef268298df9	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash d8bffb4ecfb18c958c717ef268298df9 17939a287ffadf7da21dbd86b5e2abe741390e55 902f195429cf3ac72e5e165fb1a617cc8ff1efd6721caffb51dd091c4d245e02 Loading...

	#36 Eval - 5b17bd79f60b9f677cd85ec06e19a996	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 5b17bd79f60b9f677cd85ec06e19a996 ce41da9322f7ddc96b59d5bce32deb5d2603985f f8c0f48eca9251cfd6b5d059db357d6092c5b2209521f929b752b089af79dd49 Loading...

	#37 Eval - bd4eca486ae39907174c4db83ba8b854	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash bd4eca486ae39907174c4db83ba8b854 73fcb23e8fe5c01a4388b081bee2f09abccb711f e3b8602e3aac955276a9a4da4566f21524221bb4712527572f50fb46dad54db4 Loading...

	#38 Eval - 839a68d83b8d9c4de4f1b92a605ddb9c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 839a68d83b8d9c4de4f1b92a605ddb9c 02282fb67ca94acd93b4d91d8c7636bd74851ec1 4413425df56964b75c83994c2f28cdc8b7294334a29a48c4bd239ef40227ca02 Loading...

	#39 Eval - 9cb4b5c22d3eb8b6b9ffd1be6663b2a7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 9cb4b5c22d3eb8b6b9ffd1be6663b2a7 6476c2716af4519135f297b1525bd7ce6c700d65 fe0e529bacf33440f352f8a3ab6258530033f47c6a8f5ddf33615815384072b8 Loading...

	#40 Eval - 82eac979192f8b4e14b62ead2dcb60a4	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 82eac979192f8b4e14b62ead2dcb60a4 9ab1bccc3f9cbdc2511fe7fd780b6e2003e6ba1d 88e008c585dfc071851c51344b8c40b00b9a3c69ca393a3c79946993bbe15504 Loading...

	#41 Eval - 6fb5a8772ea57f2f7fc17babcd5183d7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 6fb5a8772ea57f2f7fc17babcd5183d7 da1dee226b1fcff5141d4d0502cc81e9d1916724 efafdea30bc674169d586f93d4116fec28b62681fd9230c7014233c29ad488f3 Loading...

	#42 Eval - 66969f22369d22a76897235f038d7748	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 66969f22369d22a76897235f038d7748 07940e6c6f1dec834ee606b2755776e6bb13dc12 272d0ddb899738f2c1a3f5ab1bf073eeb7e44bc10be17837a2f905b346bdd5ad Loading...

	#43 Eval - 2749e215866f22985474fda6e76df7d2	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 2749e215866f22985474fda6e76df7d2 3b155291ad1ca2e5aacdf7b6ecdcbec43b01546d 13615dac1a68e56b0820087f1d02c882ac4339b2fd2cfc670e77770035461d5b Loading...

	#44 Eval - 802e0d9fa29763ce7d97f188725907b6	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 802e0d9fa29763ce7d97f188725907b6 4e4c6d1996112ea86e4c8d28090c29a9c71e33f7 630108b4fd0815bc05c8f13a7e1c132468f0ab10942d18226cfca2aaebf23c29 Loading...

	#45 Eval - 2bf3b97ab6dc6a051d425b28b100317b	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 2bf3b97ab6dc6a051d425b28b100317b ef1e1f30faba022e442431964e44aee26b52ec72 87f23597d35918971c192221481c2cc4233ef5e1f41c9446259832926370687c Loading...

	#46 Eval - da0014698c8f3b325374dc618518d568	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash da0014698c8f3b325374dc618518d568 7d2d3679fdaf1bfa2f895fb5a48f3bb64cc0a649 96dbffcdd305407d921a3dbf85bcb65696285bc1ad4d9d3f1d71f5e77c24aa63 Loading...

	#47 Eval - 48d7489277afff1c8759b7f68981f69f	1.1 kB	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:06:03 Times Seen2 Hash 48d7489277afff1c8759b7f68981f69f 5cddae04892399c17cd281726bfbd5be85e19cd2 53b742323685926532432f56e422e0b9abd7d666d099186006b23df0a992c593 Loading...

	#48 Eval - 52624b532f5445823274ac40efcd33b0	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 52624b532f5445823274ac40efcd33b0 37d49802bd01da28168186366f3a4b0181d37a52 11ed23ece73ff0c0beb6d6f70d5ccd8e578c61008baf949e7156d9465331b7f6 Loading...

	#49 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-27 07:23:07 Times Seen350203 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#50 Eval - 45ea00a98e76265b5f8207017b0d064f	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 45ea00a98e76265b5f8207017b0d064f 58d66e131b0c968d349efdefdd7c0a2d393ca087 8f6c0bd982c692ea59756e057c5caad7288bd5fa6c6edc4596f1e94485ded93c Loading...

	#51 Eval - 3b4bb8304fed8ee721c1bce48dcd605a	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 3b4bb8304fed8ee721c1bce48dcd605a bf7060db4821def67c5783fa346636e6a2a8b5e9 312c23d9d1d60b42c13ddd3edf42fc1d58977aa7caba37496e164a50d410d5de Loading...

	#52 Eval - 1476bb59933cdf47e3099534a3778ab6	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 1476bb59933cdf47e3099534a3778ab6 7232ca2566d0312b5ca7acb44f2472757eabc7af 8f2c1dfeda1cdaaf41089d0e3fe7897e931c356e5c0e572db37c7935ae8c5ac2 Loading...

	#53 Eval - 057098f46359ab7c1b72abf6ac0c4f1c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 057098f46359ab7c1b72abf6ac0c4f1c aaeadc65fd14f78ff1c6d0248f529cf28aa23fd9 48df4e65c60369cfcd73cb375a5d69feff4d1bd47d2315bf93671a5e96cd0059 Loading...

	#54 Eval - 045ad5110c41ff31a63e5627ab1185fc	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:05:59 Last Seen2024-03-29 15:05:59 Times Seen1 Hash 045ad5110c41ff31a63e5627ab1185fc 46b3a471dc107c1a8e5dc9767733ea08e35c91a2 cff9cb521249fada0dddefdb62f8ff312d964b028940c977a9e43c757627403e Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-27 06:41:41 Times Seen44595 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (23)

URL IP Response Size

ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t

208.75.122.11

0 B

URL
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t
IP
208.75.122.11:0
ASN
#40444 ASN-CC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t HTTP/1.1
Host: ri8hc4gbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 14:05:25 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t

103.191.241.46

0 B

URL
bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t
IP
103.191.241.46:0
ASN
#150142 Wolast Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t HTTP/1.1
Host: bedfoundation.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://luxuway.com/Mdave.mihalchik@wmftg.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 29 Mar 2024 14:05:26 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

luxuway.com/Mdave.mihalchik@wmftg.com

172.67.221.192

302 Found

14 kB

URL User Request POST HTTP/3
luxuway.com/Mdave.mihalchik@wmftg.com
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (16590), with no line terminators
Size
14 kB (13619 bytes)
Hash
eb17996209611411372d3cbf69d87bc0
c7ba765b49ad9d58a3a9ffdd92885b3d5a83ae86
4b3ea28fd65f119de9d852ce7a694617754fa6e94eba1a7c3629720ec6ae99d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /Mdave.mihalchik@wmftg.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 14:05:26 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: hM/NzBBL58JRKbK0lpp4/WqyntRWj9YxGExQGDVzokRg3fzTRWjs6kyhb2bobSS3vcozs/NpJk2vzW8TX3u2DRp++WhH+Q2rWAwcD2B5cgRZSKOubG/5E5U7PM8limp796RcR9PwOuySzC/xoX0d5g==$4EqOSbPQ/PiAdgopWgEnsg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ia9HaqZP%2B37RLTwHElvGNjkFo0X5crIpVfDpa0sIUSlVbSKCay%2BSPGOY7YBjDNnrtOguwLAAr2f8uvWd7bUZ6YY28wS8WGFGv1SXNtZ1suB1TEfUEeV6n9NqdUnWTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a32fdbab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

104.17.3.184

34 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41919)
Size
34 kB (33848 bytes)
Hash
cfcf2d96b88bff81d6fcd90e8302bc1e
42a3ae1db0c0d36dd879a84c2280fe93b25b90f4
056a75c0454ff84224d9419669fd441c6fc57c4028593f273252909830befc59

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:27 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 86c06a35f9f4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit

104.17.3.184

33 kB

URL
challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (39928)
Size
33 kB (32819 bytes)
Hash
7f3fe50b0f2ad92528ff217c1b608b27
54fc4814c739c7142ef4a5b562140ee764bcbdfc
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97

HTTP Headers

GET /turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 14:05:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a34987c56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV

104.17.3.184

504 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
504 B (504 bytes)
Hash
5cf761c743d46b316d2bf68a42f98bf4
98b727dde9f22bb2fa9a67d35ef66ae87101819c
208ac91cdc510ded6195b72f42532de2dc2b3369148f0c96671691d383602bf7

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lnbvp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 29 Mar 2024 14:05:37 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gfgnmlXLEMgy7mOnlfpYhkEImbd8Rf-juvRvsMXLo4cIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2bToxM3RxHKUmBrs-VbcF2uHBHcBix_OktMXRV4t9boDyaudU_G8wKuOXk-LpuhnN3iCwqC5fcJMnkCK42-jAF5m3OFhlJJKIoH4xA0B5elBjxOKFG6ncr3DMaPMYkbFhr1qhAlNwOILQur8lVafosE1XBV09k7tzlpCt9W-BVah0-kozycN0mnJ4tPd1_RNUFCWFtqMMG2jGEDR11VCaCrNbBeiPAdvVSzxc2msr2CmSJp8arJQ4scrXc2KV1KY9boTh0rZXeO9KlTH60Q_7-PGEsuARho_by6IO0NDD7lWRPwUACVEEfmUvfS6XYcvEdBM_HtU0csF5MM6FUMChQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIH4J5pVyxDIMu5jp5X6WIZBCJm3fEX_o7r0b7DFy6OHCABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAnvwKKzhhiJjOCuPblFCzFrScOkAetWT8wXJwhvhLzrhs8WFuGIZ1sIpZAn8LzGENgfSrkMKcighkUa594hx7MKzaTos03IfprvikEk9yHp6sURRBwxDKoWlGI53q84nlOkxRrfPANVDZGvv9jO__--G8qxHQKBZzows0uXBxHhHSQkyQN0maj67VnA5zHUqDHgqCQVUT8XjHD8WDIuJSUz6q5Uc2xFtgd0qCAy2ULqFNw_OSYDLXAl3kod_tBqp16ehQSQ9KXJS5_SdU6PjcleN8XW_sm7WlDYgtPGIVKPhqpKbUn1l_zu18JbW4NoFpc8gfv3WcQTz-l1E3aBz41QIDAQAB", max-age=20
server: cloudflare
cf-ray: 86c06a7669e2b512-OSL
alt-svc: h3=":443"; ma=86400

classify-client.services.mozilla.com/api/v1/classify_client/

34.98.75.36

64 B

URL
classify-client.services.mozilla.com/api/v1/classify_client/
IP
34.98.75.36:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON text data
Size
64 B (64 bytes)
Hash
70596065f22cf3c007bb5232d209cb72
879a19557dc173e2c1f4fd0b910caac5404a40e8
d178907d61085b1b6e3e5596d8125bacc5ee1360cb9b733fd628fc22335786c8

HTTP Headers

GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 14:05:38 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

aadcdn.msauthimages.net/c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850

152.199.21.175

200 OK

22 kB

URL GET HTTP/2
aadcdn.msauthimages.net/c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850
IP
152.199.21.175:443
ASN
#15133 EDGECAST

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerMicrosoft Corporation
Subjectaadcdn.msauthimages.net
Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5
ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT

File type
PNG image data, 983 x 367, 8-bit/color RGBA, non-interlaced
Size
22 kB (21511 bytes)
Hash
be232b20ba989c86f5273cabe7b4a50e
0eea8307f037033d9d69970962652898b84abd8d
d2e94644297dea3a1c6031932b9d9c100287122b2ae209c54b840188375e6ba4

HTTP Headers

GET /c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1478
cache-control: public, max-age=86400
content-md5: viMrILqYnIb1Jzyr57SlDg==
content-type: image/*
date: Fri, 29 Mar 2024 14:05:43 GMT
etag: 0x8DC41E0F61AEDF0
last-modified: Mon, 11 Mar 2024 15:36:03 GMT
server: ECAcc (ska/F757)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2ce98798-401e-0047-71de-81f359000000
x-ms-version: 2009-09-19
content-length: 21511
X-Firefox-Spdy: h2

unpkg.com/axios@1.6.8/dist/axios.min.js

104.16.123.175

200 OK

42 kB

URL GET HTTP/2
unpkg.com/axios@1.6.8/dist/axios.min.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (41442)
Size
42 kB (41481 bytes)
Hash
3b5b3d36fde8ffe8ed76b1efbfc65410
d63107d0912fdb387530d5ce2d512c928d73d122
29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304

HTTP Headers

GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HS1FGRYZKY14C0JK748EAY1W-arn
cf-cache-status: HIT
age: 1200585
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c06a985d4456ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=background

172.67.221.192

200 OK

86 B

URL GET HTTP/3
luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=background
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
470ae06b2abc9db1773d2fc22b740519
a35f8698ef535b311003b901903b8f5196e04ecb
40b53227f258951c7c55a6114381cc8e36f2dff6ee00def85f3fdd851ebb3d51

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=dave.mihalchik@wmftg.com&data=background HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:44 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iV5c44DbUPagYYvWw%2FmzwgXOMdhtAPAHOogORLxoytO%2FXJ4p12%2B1JAt%2FzLVqRaIffRsHyg0Zxlu1bsLcr4yXXVdG%2B3UlwM2kwrSXKIix23K9zVNiVIoVUOPvXCRQPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3556a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/ASSETS/img/BIMG-6606cab7f3844.css

172.67.221.192

200 OK

306 kB

URL GET HTTP/3
luxuway.com/ASSETS/img/BIMG-6606cab7f3844.css
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Size
306 kB (306493 bytes)
Hash
7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /ASSETS/img/BIMG-6606cab7f3844.css HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:45 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRngDA157ivUB%2FbQTmNrHssnmV3%2FRy2niAH2lVuViEwfhAtYI1EQ4JWGaTyoRa2PWcX0jaK%2BrdPJ9ETuK174LOy15FN%2FuWYlo9my%2F%2F701P%2Bt%2BWCINrbr2QQjVtwWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9e38c856a9-OSL
alt-svc: h3=":443"; ma=86400

luxuway.com/o/aed100793692446f8bcb437f19aa85fb6606cab75d97c

172.67.221.192

200 OK

3.7 kB

URL GET HTTP/3
luxuway.com/o/aed100793692446f8bcb437f19aa85fb6606cab75d97c
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3651 bytes)
Hash
d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /o/aed100793692446f8bcb437f19aa85fb6606cab75d97c HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDy638CZqlnzcnlVMA9JDi76hc326pkWlN2JE3iD9bHkPw3PwghU75KRukzQ0DpYUM7b6tCVCF8NF1pDfSQBk3LLZiNCmPDsdJgJgC%2FSbl5bZHWjfMMT5jYemuwBjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9abd2456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6

172.67.221.192

200 OK

5.5 kB

URL User Request GET HTTP/3
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (5541), with no line terminators
Size
5.5 kB (5502 bytes)
Hash
43c1c4dc744c150d1c93e5f8afea7427
674a36ba5d7c0e84112911a32d994775213cd813
a5d6d094f0cf5c4befbb18d8d624244798da60126b087f2dfccc51957c60eae5

HTTP Headers

GET /beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mdave.mihalchik@wmftg.com?__cf_chl_tk=3ASHQmDbyhqUM9Q44ZE7CK3zlT3G9XA8AyOg421KUc4-1711721135-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:42 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paOqqTJaV9TRsTJo12g%2FQ7lUhwP6O2WXZwBIGRmyQ6nY5jmEUpUjXcSCxl2rRSxT4rUkNTVqAarOhGsQmdSmyNs%2F6JZ%2FTpF9qDf4mMQhBLtSRgYHS7ycmdYCgDipcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a96b96c56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809

172.67.221.192

200 OK

51 kB

URL GET HTTP/3
luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zYzcbP4QC9amMWW5s%2FSE%2FT%2FVF63IBAh55tTgQFjo2YFUgHmJVhdKicDZAKF2eM%2FagphTQ5yxop4AA%2B7z%2FCr5vDrY1pF56jeeFbLIhN291Y%2BojjwLggLu7mYPp31iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aaa56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9

172.67.221.192

200 OK

105 kB

URL GET HTTP/3
luxuway.com/APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105369 bytes)
Hash
8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNnmnnT2vMCXdGeN1jyztd4MjmAiH5nV1bFj0ryWMrO8ea217snVhQcG7XDQUi%2FO83o2islgBfyl96QOqQaF5ho9%2FrOs2seYvFhP5J24VQEebe1A1I5MHkh1g2bGew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806

172.67.221.192

200 OK

86 kB

URL GET HTTP/3
luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbpA6aUG50Vu1NtvgzTDcziorzFXsVsz%2BibY5vz6QOfGLyfTP891IYDDBLD6IhvPtWORNNAwxn9gXPnxiLbOwYtSzmsnmBd3OnpXSxOZPqmp1KBTfnme9l%2BZ5Vitow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aa856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b

172.67.221.192

200 OK

6.4 kB

URL GET HTTP/3
luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6376), with no line terminators
Size
6.4 kB (6357 bytes)
Hash
1e07a363eef4b40ab4a38d5e4371da5c
7351be2a378540a016aec380141927221a45f19b
01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B7MCqTXZOR5kx2Z%2FaPYO3Icmh4Cz3xC4whzufgV8wLKKHEaSdjbV82o5OKBPLuOm1Q1xzf2O%2F9uilZ3QPwJp7XKhF2SWipZu13%2BNOwX3lrliqRkuwuAgXIl2CcctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aab56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios/dist/axios.min.js

104.16.123.175

302 Found

42 kB

URL GET HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
42 kB (41481 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HT57YG3Y1XPJDENP2Y3S22BN-arn
cf-cache-status: HIT
age: 564
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c06a984d2856ab-OSL
X-Firefox-Spdy: h2

luxuway.com/e/aed100793692446f8bcb437f19aa85fb6606cab75d986

172.67.221.192

200 OK

513 B

URL GET HTTP/3
luxuway.com/e/aed100793692446f8bcb437f19aa85fb6606cab75d986
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
513 B (513 bytes)
Hash
adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /e/aed100793692446f8bcb437f19aa85fb6606cab75d986 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5yxh%2Fm5fVtTaIiHHC0EMizB7xeiAFbkmHegZellp%2BkTzNMbuGBt%2F64aoGzbld33IcIycPhi0LVvmFMtfBuNRic0jhrt%2Be1SbToc%2BOzEXWO7n3XIzCrJD0%2F94er2gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9abd2656a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/2

172.67.221.192

200 OK

37 kB

URL GET HTTP/3
luxuway.com/2
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type

Size
37 kB (37087 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvEJ0yf1ZH3Au8WIxfpWiAgwoyR7XlNUYVsIcalCDmlAx6hdWvYHJYeNQX6FTJj2fDEFMYf2Om0qZxIaew7kxP2NN7IWSUbfZPUK9MdHe5YlsspT2i2dHf42%2F78Jjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a99fc1856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/favicon.ico

172.67.221.192

404 Not Found

315 B

URL GET HTTP/3
luxuway.com/favicon.ico
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf07VcyvGB%2FwL7xTPIOn391zg2OIMnjbjqH4xn1ZMD9K0n6bB6hz7mNjLYwqDLnggx9GIoaW6lgbmm2GLuly%2By27CDtbrkNVNSWdICP1DH%2BQ2Tcx3uN5STy8hExhsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a9aad0956a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=logo

172.67.221.192

200 OK

168 B

URL GET HTTP/3
luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=logo
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
168 B (168 bytes)
Hash
114b3d18e78ba2bd82dd5a51d5e1b832
3b3c49fdfb345f407f786f675a275b6cb5b95039
c866db5d2efde6c640f797158524fbc372288b021dca5626911669633d3f1a17

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=dave.mihalchik@wmftg.com&data=logo HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKf5x57xLlACSKTKbdYfmjaBdut2NIohE5roqrPEGiFy6XyGEIc3%2FRgBw0Kfz%2Fr%2BQZHk5XdEj%2F1vHh6kXbNJVzZpt19KK1zCfhD5P5gS0cWn%2BUWf6PRYCF51jR499Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3

172.67.221.192

200 OK

17 kB

URL GET HTTP/3
luxuway.com/ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:44 GMT
content-type: image/x-icon
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzH3j3Hkf1vReKwuyYtOxjLZUwUKRmYBDaBFoc7XpglAU%2FxxMZK2Tp8xWtuBeBkxFVLVUesij%2FHhCq0sFmTCu23TVa0f0LnsRSXV7%2BNd8uVUbGJLl0kuQ%2FRIBLHu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9e28be56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (62)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations