| ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t |  208.75.122.11 | 302 Found | 0 B |
URL User Request GET HTTP/1.1ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t IP208.75.122.11:443
CertificateIssuerGlobalSign nv-sa Subjectrs6.net Fingerprint8E:9A:B3:CF:52:99:93:DA:8B:D9:17:47:3B:F6:C4:57:8A:37:CE:91 ValidityThu, 15 Feb 2024 02:12:01 GMT - Mon, 17 Jun 2024 21:06:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t HTTP/1.1
Host: ri8hc4gbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 13:30:13 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://bedfoundation.net/newwayforu/k4843//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1
|
|
| bedfoundation.net/newwayforu/k4843//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t |  103.191.241.46 | 200 OK | 0 B |
URL User Request GET HTTP/2bedfoundation.net/newwayforu/k4843//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t IP103.191.241.46:443 ASN#150142 Wolast Technologies
CertificateIssuerLet's Encrypt Subjectbedfoundation.net Fingerprint26:23:DC:62:CD:33:5A:65:56:BE:2D:66:E7:23:D8:E9:92:0A:A2:0B ValidityTue, 13 Feb 2024 05:08:24 GMT - Mon, 13 May 2024 05:08:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /newwayforu/k4843//nbARbH025iNyIQwduzw7/nbARbH025iNyIQwduzw7/cGllcm8ucmFuZXJpQGh5cGVyaW9ubXQuY29t HTTP/1.1
Host: bedfoundation.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://luxuway.com/Mpiero.raneri@hyperionmt.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 29 Mar 2024 13:30:14 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| luxuway.com/favicon.ico | 172.67.221.192 | 404 Not Found | 18 kB |
IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (15507), with no line terminators Hash089d85cddd2e8932d31c69d4364e6cb6 02ddcb23519683a27fa25e78a2aad5452adc98d9 6e454cefa476b65b658062d603190904776c9b1baf12a78189a864cda7c6c4c2
GET /favicon.ico HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mpiero.raneri@hyperionmt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Fri, 29 Mar 2024 13:30:14 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 9BMyf62sIbMBtS+TMOiejBvo4YvVXkFMBPcYNHurFLqu3Cw9yV/Lm2WtrSTqBwgeMx/sgcEeUxOj8MFHMlptJLDZnsq/FUA7WSt3+dTV6ZSm7LiRGs7pg/aLhegG0IaIybMnMeJw4wevzml0+7ieYw==$RFglyDQYF0ppA+E0+MW2EQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0qoKD%2BkQNuVFXqO1sEW%2Ffc12N5zbOrAwoOsBCe7NPXeNPDJp0vXgd1byvxw556aE4jI4ESyilMUsM3GcynDaO7ftS5KQFrtEI3EyyyXcdS6TzNbiNRzBTU9J93Xtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c036a18fe55697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msauthimages.net/c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/bannerlogo?ts=637902918867898534 |  152.199.21.175 | 200 OK | 7.1 kB |
URL GET HTTP/2aadcdn.msauthimages.net/c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/bannerlogo?ts=637902918867898534 IP152.199.21.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typePNG image data, 252 x 60, 8-bit/color RGBA, non-interlaced Hash5409bd61dcfb6df2dc138d24ea609f3e 6e5bdae4681ec3c9e6c7e102e79eb8b471a5e190 5f8b93b3f99ee59cb55cb7a2c22da84c5423a80af5394680521884b6554b814c
GET /c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/bannerlogo?ts=637902918867898534 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 90
cache-control: public, max-age=86400
content-md5: VAm9Ydz7bfLcE40k6mCfPg==
content-type: image/*
date: Fri, 29 Mar 2024 13:30:22 GMT
etag: 0x8DA495330559808
last-modified: Wed, 08 Jun 2022 13:31:26 GMT
server: ECAcc (ska/F77C)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 23e1d4dc-f01e-0077-66dd-81a973000000
x-ms-version: 2009-09-19
content-length: 7069
X-Firefox-Spdy: h2
|
|
| luxuway.com/ic/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b712 | 172.67.221.192 | 200 OK | 296 kB |
URL GET HTTP/3luxuway.com/ic/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b712 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Size296 kB (296420 bytes) Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b712 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: image/x-icon
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F9LcyBhJnSNAW8WkQvBIKwSWJ%2BBeBwYnnTee8PI0Cc%2B6%2BT%2BKuhPteZ%2F2yOq4o8lrCZ4euTeQrITW%2BIV8rKAcOy0fGgJVtJ0n5pVO735SryhF99Nrod93k15BSHc8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d4bd005697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/jm/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a2 | 172.67.221.192 | 200 OK | 12 kB |
URL GET HTTP/3luxuway.com/jm/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a2 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (6357), with no line terminators Hash82ff6e77e3b8f004b23294185e108264 03c685b50fd4587427495348cd1231882a8c48d0 0e230a53a5d5abd125c2a8e1cdd97b32ddd84a9f7fd07c23bff95413886b05fa
GET /jm/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPYizlnpY7Jw8TAppb%2FRuPcce5lnUTm1qTV4WmIirhgPhlgZJJUimUd0R%2B22MUziImMmw5I6FtFnxulaCedVPXkA7BKnqZygFGY%2BTgAcsw9BCdjGEuGzYks2G1mwNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036cdfe6a5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f | 172.67.221.192 | 200 OK | 5.5 kB |
URL User Request GET HTTP/3luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f IP172.67.221.192:443
CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (5541), with no line terminators Hashfc3e18abdcecb2efaf12f4f1d99bdcca cd730bf979700fe62b5be55807dcd37615da44f7 80443fca4219f26e57b26dbe432744a4506f33e3bf1d5f8dff8d09a24c61457b
GET /beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mpiero.raneri@hyperionmt.com?__cf_chl_tk=PvAq2srwVLSgxtSKXkBL7of89n3_TYByk.Wz4Ghy_CI-1711719014-0.0.1.1-1621
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrwfWBuHiebEWPu6Ckj6SA%2FmeGEzAdWcZfg9PD7aN%2B2JSLJ4%2FLQOLSq73AEBmlY0P4oKLIlJts2TSINa76Ay00zoNzEunpZ8gBK60p3nlWadLDLHUO2pT81kXiv%2F6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036cc9d135697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/axios@1.6.8/dist/axios.min.js |  104.16.122.175 | 200 OK | 42 kB |
URL GET HTTP/2unpkg.com/axios@1.6.8/dist/axios.min.js IP104.16.122.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (41442) Hash3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304
GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HS1FGRYZKY14C0JK748EAY1W-arn
cf-cache-status: HIT
age: 1198463
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c036ce4cef5687-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| luxuway.com/api-as1f?email=piero.raneri@hyperionmt.com&data=logo | 172.67.221.192 | 200 OK | 168 B |
URL GET HTTP/3luxuway.com/api-as1f?email=piero.raneri@hyperionmt.com&data=logo IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash3931dc5fae8992a39f167e670932e5a2 07077dd98d6fe1de6231b18dbdeffdf94ff91525 4e22790a0436fdee40d2c89a0288e50e177619948813b66b73859f0376865362
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=piero.raneri@hyperionmt.com&data=logo HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3AnlKGngi%2FxsV2YtT4Pht6mvpzGnxZLd%2FiR0YS0wmO32RKOUup7jRb%2FZSSTgKz5F8ZcYhLX7CoIOYPrkRStt%2FH%2B75QliNdy5UXHSJCE2a4UT%2BN2wG8IXyOi5Qf4Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d088d95697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/Mpiero.raneri@hyperionmt.com | 172.67.221.192 | 302 Found | 5.5 kB |
URL User Request POST HTTP/3luxuway.com/Mpiero.raneri@hyperionmt.com IP172.67.221.192:443
CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
POST /Mpiero.raneri@hyperionmt.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mpiero.raneri@hyperionmt.com?__cf_chl_tk=PvAq2srwVLSgxtSKXkBL7of89n3_TYByk.Wz4Ghy_CI-1711719014-0.0.1.1-1621
Content-Type: application/x-www-form-urlencoded
Content-Length: 4561
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; path=/; expires=Sat, 29-Mar-25 13:30:21 GMT; domain=.luxuway.com; HttpOnly; Secure; SameSite=None
PHPSESSID=aefd787b579df5dceb4d5fd8d660595a; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoZFGs%2Fnwc6WIhueihmLEM9mf0jrmOHqLBbr9do3nrFxfc09J%2B7vmBVFeghLYLvuYCIvbHmzdMF%2B1A8ecp6vEHjXJurRhe6Ed0SXRLwaf4IJBGVk7%2Fwi%2B%2BiniTY%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036c9ca385697-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/2 | 172.67.221.192 | 200 OK | 38 kB |
IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNMmuAcuLHLPQVFKbj0YHdIOENHdr5XSfc9jYubR%2B7orvMUWYBUPZVmr9hr8Ylki14fZWBm7C71nTH6Z8r9vuuYC3kr0JwOTWWoniWpdpWE2bhu0Ru29RlyLfvjhWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036cf9fe05697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/e/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8d6 | 172.67.221.192 | 200 OK | 513 B |
URL GET HTTP/3luxuway.com/e/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8d6 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeSVG Scalable Vector Graphics image Hashadc405f5fd089662209870ca5d2106f7 3a8b776df84bf251afc6ddd802cc5bbeddfb0e36 e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8d6 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5T3g9H1JwEKPumWcMAt6G1DohpgsxrDzT0bddgTgZhdpsiXR9gbSMkyqb34mYUX67Y%2FDx9vee8n8nb286Z2eqS%2BpLv5owfH%2BN6HZJamCb4a1fPm1Si%2Bf6OUdfFgkjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d088c45697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/axios/dist/axios.min.js | 104.16.122.175 | 302 Found | 42 kB |
URL GET HTTP/2unpkg.com/axios/dist/axios.min.js IP104.16.122.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HT567CHEP0RJ6M5NTWNYQ6BR-arn
cf-cache-status: HIT
age: 248
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c036ce2cdf5687-OSL
X-Firefox-Spdy: h2
|
|
| aadcdn.msauthimages.net/c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/illustration?ts=637883663937998101 | 152.199.21.175 | 200 OK | 296 kB |
URL GET HTTP/2aadcdn.msauthimages.net/c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/illustration?ts=637883663937998101 IP152.199.21.175:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 1920x1080, components 3 Size296 kB (295971 bytes) Hash62d4bf522a9bbc418a2a52560f72f551 efaeda2eb80d31952e266047dc8a3e57f2401314 dd2ea62d00666d42115fca405020833947a9d5f8c7ce4fe1e3b752940e7a9dfa
GET /c1c6b6c8-3acgzr7pck9hriyeqexuxu66jq3geugkqrw263lvkcw/logintenantbranding/0/illustration?ts=637883663937998101 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 91
cache-control: public, max-age=86400
content-md5: YtS/UiqbvEGKKlJWD3L1UQ==
content-type: image/*
date: Fri, 29 Mar 2024 13:30:23 GMT
etag: 0x8DA37D00D1827EF
last-modified: Tue, 17 May 2022 06:39:53 GMT
server: ECAcc (ska/F6CD)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 99ae29d2-001e-0026-42dd-81b786000000
x-ms-version: 2009-09-19
content-length: 295971
X-Firefox-Spdy: h2
|
|
| luxuway.com/Mpiero.raneri@hyperionmt.com | 172.67.221.192 | 403 Forbidden | 16 kB |
URL User Request GET HTTP/2luxuway.com/Mpiero.raneri@hyperionmt.com IP172.67.221.192:443
CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeHTML document, ASCII text, with very long lines (16176), with no line terminators Hashf822ad4ce7d0d5c696417293fafef92b 627463c4b695e4051fcfb770fa2e69d2cb6be18a 47ad03b843fc3a290ff99bda1031ef91a3294f25d067c8fe8f28f49a74ebbc7b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /Mpiero.raneri@hyperionmt.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 13:30:14 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: T8zWujx3jFZITQ1vWq+frwx8F/QttmTFLWwth0DiyyHMwRCJX9oChXSifXyfDJNwLZjfr++XG+j+X4Hjf7Wv4kL/+IwtcDhHdatMdvsUp+NBQUmgcOC+uj8+NPPWHuVRKKMc1kWZ+HEDWGYzIQ1MVw==$/UPK2eACqbEbcIletrqzUQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxrzCYEFdkDyEI4fTWUneb5luqARSBEaclUR7YIzzcSz3aENSMvLS%2Fzs61ZK0quzcGKhyuWQdKeic%2FrFCW6hjvjJRz4%2F%2FxoTXJVO5NAfZjE91QGFA1MyMuWvsFnWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0369fedb256a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| luxuway.com/boot/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a1 | 172.67.221.192 | 200 OK | 51 kB |
URL GET HTTP/3luxuway.com/boot/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a1 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a6a1 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEqTfMP5PMMWSzEpyBIlXi5BigvMX52pqfyXd2SpAA%2FoA1dxdKcA%2FsEV%2BcodNOsO%2BXs85o2qq5ib%2FtjE%2FraW8ZPy3j6L%2FexOq2e0Ue3xaEQ1Ns56iLnGlqeer6mO1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036cdfe695697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/o/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8cd | 172.67.221.192 | 200 OK | 3.7 kB |
URL GET HTTP/3luxuway.com/o/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8cd IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeSVG Scalable Vector Graphics image Hashd633a913e6f3b1f45774b9874dfc85e0 5ba1344048578062c93cfddfdf8458477eaca476 c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b8cd HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQErvwNzMXjonlSeA6LiVYuEJGNQc5onX6WbMtVIMVwIOqv9Ii%2F4quQOgjmBAGhp729TaSHDLVgqab0KVSmDfBvdEueatwVChrDrEtjF1Z0J2XyfRjd8ynQnhEk1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d088bf5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/api-as1f?email=piero.raneri@hyperionmt.com&data=background | 172.67.221.192 | 200 OK | 176 B |
URL GET HTTP/3luxuway.com/api-as1f?email=piero.raneri@hyperionmt.com&data=background IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe34f345df4c9cae538839610ba90be23 38c99cd6f061ccb9eb38d9656d8944bb7e591e54 aae224563b715dfebfc4b2fa7f90fd1ba52e55c533940bee7e19226ef33c6366
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=piero.raneri@hyperionmt.com&data=background HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:23 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ERU4pvWoUDrBLwPsNJCLNI8D0KmSV9kGBQSE3%2B07hSvnVpcjIdtxxiNStGz1TA3O2oQ8WW6K9uQJQ4oy%2Bzvg0dgb3vG4P%2BAwZXo%2B5SsCt5liF3LtGmiRsdWixWg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d098dd5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/APP-B7P5PM/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b717 | 172.67.221.192 | 200 OK | 105 kB |
URL GET HTTP/3luxuway.com/APP-B7P5PM/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b717 IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size105 kB (105369 bytes) Hash8e6b0f88563f9c33f78bce65cf287df7 ef7765cd2a7d64ed27dd7344702597aff6f8c397 a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-B7P5PM/9b5b5d030717e2fbf05b81f94fef83b06606c26e0b717 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:22 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kkVR1P1RIXABC8tgjlnWTYhbsknCyHVh3IdHK8l85SK9lg9JqWBLx2xPtm3G9VvyS%2FbU%2BzTAd5gAgAtGUXdiHry7iDmTQg7ApjZyYkLqPO%2FjwAA%2FKOzpPJSjP6R3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036d098e05697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luxuway.com/jq/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a69c | 172.67.221.192 | 200 OK | 86 kB |
URL GET HTTP/3luxuway.com/jq/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a69c IP172.67.221.192:443
Requested byhttps://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f CertificateIssuerGoogle Trust Services LLC Subjectluxuway.com FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/9b5b5d030717e2fbf05b81f94fef83b06606c26d8a69c HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c26d7893cPASbeebb091955c06fa68b3eb8afc0bae516606c26d7893f
Cookie: cf_clearance=e1rBfI3N5qsgT.HC5RZcXNIfHCcBmooa9CX_QYCp.nI-1711719014-1.0.1.1-Cr8SJVrkYXgQVrSMxkACTqO71Lfj8ivdToPYMkGi1tGrVyX.zFGBntFT2ooF7ObtlA2Z2G_VQLZIlzI9kBPnng; PHPSESSID=aefd787b579df5dceb4d5fd8d660595a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 13:30:21 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MDNEaHhflzhuOaokXLrc%2Fab5JqBMiy5yUulzgW8KW%2BRjnhSKub9oURlWxCYJXXBtAd5tF%2FBl%2FVHBcibTyQjYjCqwM8K8QMnOE7LbzUM%2FfRupozj2%2BFQWKlqML9Jgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c036cdfe685697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|