| ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t | 208.75.122.11 | | 0 B |
URL ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t IP208.75.122.11:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t HTTP/1.1
Host: ri8hc4gbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 14:05:25 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1
|
|
| bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t | 103.191.241.46 | | 0 B |
URL bedfoundation.net/newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t IP103.191.241.46:0 ASN#150142 Wolast Technologies
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /newwayforu/k4843//5clpXaWmHI2I4sMv5uRb/5clpXaWmHI2I4sMv5uRb/ZGF2ZS5taWhhbGNoaWtAd21mdGcuY29t HTTP/1.1
Host: bedfoundation.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://luxuway.com/Mdave.mihalchik@wmftg.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 29 Mar 2024 14:05:26 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| luxuway.com/Mdave.mihalchik@wmftg.com | 172.67.221.192 | 302 Found | 14 kB |
URL User Request POST HTTP/3luxuway.com/Mdave.mihalchik@wmftg.com IP172.67.221.192:443
CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (16590), with no line terminators Hasheb17996209611411372d3cbf69d87bc0 c7ba765b49ad9d58a3a9ffdd92885b3d5a83ae86 4b3ea28fd65f119de9d852ce7a694617754fa6e94eba1a7c3629720ec6ae99d1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /Mdave.mihalchik@wmftg.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 14:05:26 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: hM/NzBBL58JRKbK0lpp4/WqyntRWj9YxGExQGDVzokRg3fzTRWjs6kyhb2bobSS3vcozs/NpJk2vzW8TX3u2DRp++WhH+Q2rWAwcD2B5cgRZSKOubG/5E5U7PM8limp796RcR9PwOuySzC/xoX0d5g==$4EqOSbPQ/PiAdgopWgEnsg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ia9HaqZP%2B37RLTwHElvGNjkFo0X5crIpVfDpa0sIUSlVbSKCay%2BSPGOY7YBjDNnrtOguwLAAr2f8uvWd7bUZ6YY28wS8WGFGv1SXNtZ1suB1TEfUEeV6n9NqdUnWTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a32fdbab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal | 104.17.3.184 | | 34 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal IP104.17.3.184:0
File typeHTML document, ASCII text, with very long lines (41919) Hashcfcf2d96b88bff81d6fcd90e8302bc1e 42a3ae1db0c0d36dd879a84c2280fe93b25b90f4 056a75c0454ff84224d9419669fd441c6fc57c4028593f273252909830befc59
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/684dk/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:27 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 86c06a35f9f4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit | 104.17.3.184 | | 33 kB |
URL challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit IP104.17.3.184:0
File typeJavaScript source, ASCII text, with very long lines (39928) Hash7f3fe50b0f2ad92528ff217c1b608b27 54fc4814c739c7142ef4a5b562140ee764bcbdfc d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97
GET /turnstile/v0/g/dc6b543c1346/api.js?onload=QkWxI7&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 14:05:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a34987c56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV | 104.17.3.184 | | 504 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV IP104.17.3.184:0
Hash5cf761c743d46b316d2bf68a42f98bf4 98b727dde9f22bb2fa9a67d35ef66ae87101819c 208ac91cdc510ded6195b72f42532de2dc2b3369148f0c96671691d383602bf7
GET /cdn-cgi/challenge-platform/h/g/pat/86c06a6bcf54b512/1711721136384/7e09e69572c4320cbb98e9e57e96219042266ddf117fe8eebd1bec3172e8e1c2/UXsvfEcKDJFbUsV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lnbvp/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 29 Mar 2024 14:05:37 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gfgnmlXLEMgy7mOnlfpYhkEImbd8Rf-juvRvsMXLo4cIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2bToxM3RxHKUmBrs-VbcF2uHBHcBix_OktMXRV4t9boDyaudU_G8wKuOXk-LpuhnN3iCwqC5fcJMnkCK42-jAF5m3OFhlJJKIoH4xA0B5elBjxOKFG6ncr3DMaPMYkbFhr1qhAlNwOILQur8lVafosE1XBV09k7tzlpCt9W-BVah0-kozycN0mnJ4tPd1_RNUFCWFtqMMG2jGEDR11VCaCrNbBeiPAdvVSzxc2msr2CmSJp8arJQ4scrXc2KV1KY9boTh0rZXeO9KlTH60Q_7-PGEsuARho_by6IO0NDD7lWRPwUACVEEfmUvfS6XYcvEdBM_HtU0csF5MM6FUMChQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIH4J5pVyxDIMu5jp5X6WIZBCJm3fEX_o7r0b7DFy6OHCABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAnvwKKzhhiJjOCuPblFCzFrScOkAetWT8wXJwhvhLzrhs8WFuGIZ1sIpZAn8LzGENgfSrkMKcighkUa594hx7MKzaTos03IfprvikEk9yHp6sURRBwxDKoWlGI53q84nlOkxRrfPANVDZGvv9jO__--G8qxHQKBZzows0uXBxHhHSQkyQN0maj67VnA5zHUqDHgqCQVUT8XjHD8WDIuJSUz6q5Uc2xFtgd0qCAy2ULqFNw_OSYDLXAl3kod_tBqp16ehQSQ9KXJS5_SdU6PjcleN8XW_sm7WlDYgtPGIVKPhqpKbUn1l_zu18JbW4NoFpc8gfv3WcQTz-l1E3aBz41QIDAQAB", max-age=20
server: cloudflare
cf-ray: 86c06a7669e2b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP34.98.75.36:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash70596065f22cf3c007bb5232d209cb72 879a19557dc173e2c1f4fd0b910caac5404a40e8 d178907d61085b1b6e3e5596d8125bacc5ee1360cb9b733fd628fc22335786c8
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 14:05:38 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| aadcdn.msauthimages.net/c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850 | 152.199.21.175 | 200 OK | 22 kB |
URL GET HTTP/2aadcdn.msauthimages.net/c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850 IP152.199.21.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typePNG image data, 983 x 367, 8-bit/color RGBA, non-interlaced Hashbe232b20ba989c86f5273cabe7b4a50e 0eea8307f037033d9d69970962652898b84abd8d d2e94644297dea3a1c6031932b9d9c100287122b2ae209c54b840188375e6ba4
GET /c1c6b6c8-jjrj-abze4onla1nfmgio0fide-gwo1zzj-v-hko1tw/logintenantbranding/0/bannerlogo?ts=638457681633990850 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1478
cache-control: public, max-age=86400
content-md5: viMrILqYnIb1Jzyr57SlDg==
content-type: image/*
date: Fri, 29 Mar 2024 14:05:43 GMT
etag: 0x8DC41E0F61AEDF0
last-modified: Mon, 11 Mar 2024 15:36:03 GMT
server: ECAcc (ska/F757)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2ce98798-401e-0047-71de-81f359000000
x-ms-version: 2009-09-19
content-length: 21511
X-Firefox-Spdy: h2
|
|
| unpkg.com/axios@1.6.8/dist/axios.min.js | 104.16.123.175 | 200 OK | 42 kB |
URL GET HTTP/2unpkg.com/axios@1.6.8/dist/axios.min.js IP104.16.123.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (41442) Hash3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304
GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HS1FGRYZKY14C0JK748EAY1W-arn
cf-cache-status: HIT
age: 1200585
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c06a985d4456ab-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=background | 172.67.221.192 | 200 OK | 86 B |
URL GET HTTP/3luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=background IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash470ae06b2abc9db1773d2fc22b740519 a35f8698ef535b311003b901903b8f5196e04ecb 40b53227f258951c7c55a6114381cc8e36f2dff6ee00def85f3fdd851ebb3d51
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=dave.mihalchik@wmftg.com&data=background HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:44 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iV5c44DbUPagYYvWw%2FmzwgXOMdhtAPAHOogORLxoytO%2FXJ4p12%2B1JAt%2FzLVqRaIffRsHyg0Zxlu1bsLcr4yXXVdG%2B3UlwM2kwrSXKIix23K9zVNiVIoVUOPvXCRQPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3556a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/ASSETS/img/BIMG-6606cab7f3844.css | 172.67.221.192 | 200 OK | 306 kB |
URL GET HTTP/3luxuway.com/ASSETS/img/BIMG-6606cab7f3844.css IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typePNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced Size306 kB (306493 bytes) Hash7d07c247e8dfd5bfaf9a7169b5c402bd 392cc7836ca5418f3e65cc67f5680b2a359399dc 345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft | urlquery | phishing | Phishing - Microsoft Outlook |
GET /ASSETS/img/BIMG-6606cab7f3844.css HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:45 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRngDA157ivUB%2FbQTmNrHssnmV3%2FRy2niAH2lVuViEwfhAtYI1EQ4JWGaTyoRa2PWcX0jaK%2BrdPJ9ETuK174LOy15FN%2FuWYlo9my%2F%2F701P%2Bt%2BWCINrbr2QQjVtwWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9e38c856a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/o/aed100793692446f8bcb437f19aa85fb6606cab75d97c | 172.67.221.192 | 200 OK | 3.7 kB |
URL GET HTTP/3luxuway.com/o/aed100793692446f8bcb437f19aa85fb6606cab75d97c IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeSVG Scalable Vector Graphics image Hashd633a913e6f3b1f45774b9874dfc85e0 5ba1344048578062c93cfddfdf8458477eaca476 c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /o/aed100793692446f8bcb437f19aa85fb6606cab75d97c HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDy638CZqlnzcnlVMA9JDi76hc326pkWlN2JE3iD9bHkPw3PwghU75KRukzQ0DpYUM7b6tCVCF8NF1pDfSQBk3LLZiNCmPDsdJgJgC%2FSbl5bZHWjfMMT5jYemuwBjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9abd2456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 | 172.67.221.192 | 200 OK | 5.5 kB |
URL User Request GET HTTP/3luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 IP172.67.221.192:443
CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (5541), with no line terminators Hash43c1c4dc744c150d1c93e5f8afea7427 674a36ba5d7c0e84112911a32d994775213cd813 a5d6d094f0cf5c4befbb18d8d624244798da60126b087f2dfccc51957c60eae5
GET /beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mdave.mihalchik@wmftg.com?__cf_chl_tk=3ASHQmDbyhqUM9Q44ZE7CK3zlT3G9XA8AyOg421KUc4-1711721135-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:42 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paOqqTJaV9TRsTJo12g%2FQ7lUhwP6O2WXZwBIGRmyQ6nY5jmEUpUjXcSCxl2rRSxT4rUkNTVqAarOhGsQmdSmyNs%2F6JZ%2FTpF9qDf4mMQhBLtSRgYHS7ycmdYCgDipcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a96b96c56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809 | 172.67.221.192 | 200 OK | 51 kB |
URL GET HTTP/3luxuway.com/boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /boot/aed100793692446f8bcb437f19aa85fb6606cab6d4809 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zYzcbP4QC9amMWW5s%2FSE%2FT%2FVF63IBAh55tTgQFjo2YFUgHmJVhdKicDZAKF2eM%2FagphTQ5yxop4AA%2B7z%2FCr5vDrY1pF56jeeFbLIhN291Y%2BojjwLggLu7mYPp31iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aaa56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9 | 172.67.221.192 | 200 OK | 105 kB |
URL GET HTTP/3luxuway.com/APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size105 kB (105369 bytes) Hash8e6b0f88563f9c33f78bce65cf287df7 ef7765cd2a7d64ed27dd7344702597aff6f8c397 a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /APP-SJVIP9/aed100793692446f8bcb437f19aa85fb6606cab75d7e9 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNnmnnT2vMCXdGeN1jyztd4MjmAiH5nV1bFj0ryWMrO8ea217snVhQcG7XDQUi%2FO83o2islgBfyl96QOqQaF5ho9%2FrOs2seYvFhP5J24VQEebe1A1I5MHkh1g2bGew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806 | 172.67.221.192 | 200 OK | 86 kB |
URL GET HTTP/3luxuway.com/jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /jq/aed100793692446f8bcb437f19aa85fb6606cab6d4806 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbpA6aUG50Vu1NtvgzTDcziorzFXsVsz%2BibY5vz6QOfGLyfTP891IYDDBLD6IhvPtWORNNAwxn9gXPnxiLbOwYtSzmsnmBd3OnpXSxOZPqmp1KBTfnme9l%2BZ5Vitow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aa856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b | 172.67.221.192 | 200 OK | 6.4 kB |
URL GET HTTP/3luxuway.com/jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (6376), with no line terminators Hash1e07a363eef4b40ab4a38d5e4371da5c 7351be2a378540a016aec380141927221a45f19b 01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /jm/aed100793692446f8bcb437f19aa85fb6606cab6d480b HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B7MCqTXZOR5kx2Z%2FaPYO3Icmh4Cz3xC4whzufgV8wLKKHEaSdjbV82o5OKBPLuOm1Q1xzf2O%2F9uilZ3QPwJp7XKhF2SWipZu13%2BNOwX3lrliqRkuwuAgXIl2CcctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a982aab56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/axios/dist/axios.min.js | 104.16.123.175 | 302 Found | 42 kB |
URL GET HTTP/2unpkg.com/axios/dist/axios.min.js IP104.16.123.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HT57YG3Y1XPJDENP2Y3S22BN-arn
cf-cache-status: HIT
age: 564
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c06a984d2856ab-OSL
X-Firefox-Spdy: h2
|
|
| luxuway.com/e/aed100793692446f8bcb437f19aa85fb6606cab75d986 | 172.67.221.192 | 200 OK | 513 B |
URL GET HTTP/3luxuway.com/e/aed100793692446f8bcb437f19aa85fb6606cab75d986 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeSVG Scalable Vector Graphics image Hashadc405f5fd089662209870ca5d2106f7 3a8b776df84bf251afc6ddd802cc5bbeddfb0e36 e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /e/aed100793692446f8bcb437f19aa85fb6606cab75d986 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5yxh%2Fm5fVtTaIiHHC0EMizB7xeiAFbkmHegZellp%2BkTzNMbuGBt%2F64aoGzbld33IcIycPhi0LVvmFMtfBuNRic0jhrt%2Be1SbToc%2BOzEXWO7n3XIzCrJD0%2F94er2gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9abd2656a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/2 | 172.67.221.192 | 200 OK | 37 kB |
IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvEJ0yf1ZH3Au8WIxfpWiAgwoyR7XlNUYVsIcalCDmlAx6hdWvYHJYeNQX6FTJj2fDEFMYf2Om0qZxIaew7kxP2NN7IWSUbfZPUK9MdHe5YlsspT2i2dHf42%2F78Jjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a99fc1856a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/favicon.ico | 172.67.221.192 | 404 Not Found | 315 B |
IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (326), with no line terminators Hash97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /favicon.ico HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf07VcyvGB%2FwL7xTPIOn391zg2OIMnjbjqH4xn1ZMD9K0n6bB6hz7mNjLYwqDLnggx9GIoaW6lgbmm2GLuly%2By27CDtbrkNVNSWdICP1DH%2BQ2Tcx3uN5STy8hExhsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c06a9aad0956a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=logo | 172.67.221.192 | 200 OK | 168 B |
URL GET HTTP/3luxuway.com/api-as1f?email=dave.mihalchik@wmftg.com&data=logo IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash114b3d18e78ba2bd82dd5a51d5e1b832 3b3c49fdfb345f407f786f675a275b6cb5b95039 c866db5d2efde6c640f797158524fbc372288b021dca5626911669633d3f1a17
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=dave.mihalchik@wmftg.com&data=logo HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKf5x57xLlACSKTKbdYfmjaBdut2NIohE5roqrPEGiFy6XyGEIc3%2FRgBw0Kfz%2Fr%2BQZHk5XdEj%2F1vHh6kXbNJVzZpt19KK1zCfhD5P5gS0cWn%2BUWf6PRYCF51jR499Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9acd3456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3 | 172.67.221.192 | 200 OK | 17 kB |
URL GET HTTP/3luxuway.com/ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6 CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /ic/aed100793692446f8bcb437f19aa85fb6606cab75d7e3 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606cab6c4af4PASbeebb091955c06fa68b3eb8afc0bae516606cab6c4af6
Cookie: cf_clearance=V9pQcToptSKEEu3VILDE9HbkvjeTN3B_wTpGe58SEwg-1711721135-1.0.1.1-nVqxDcXPVXf3IJDlqicLayScIK79Y4z6pG93izhrJQukfA3hP_hNOmMPV4Lp1.W4z82rLPFn2YRsL.TE4KMujA; PHPSESSID=16472e6f046cad01732d029ce59e2365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:05:44 GMT
content-type: image/x-icon
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzH3j3Hkf1vReKwuyYtOxjLZUwUKRmYBDaBFoc7XpglAU%2FxxMZK2Tp8xWtuBeBkxFVLVUesij%2FHhCq0sFmTCu23TVa0f0LnsRSXV7%2BNd8uVUbGJLl0kuQ%2FRIBLHu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06a9e28be56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|