Report - ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==

Report Overview

Submitted URL
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==
IP
208.75.122.11
ASN
#40444 ASN-CC
Submitted
2024-03-29 15:05:07
Access
public
Website Title
8ae8cd2744d81a401391e1339e6810606606d89042022
Final URL
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ri8hc4gbb.cc.rs6.net	unknown	unknown	No data	No data	771 B	446 B	208.75.122.11
bedfoundation.net	unknown	2022-10-08	2023-01-12	2024-03-26	576 B	397 B	103.191.241.46
luxuway.com	unknown	2023-12-19	2023-12-19	2024-03-28	11 kB	339 kB	104.21.86.163
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-03-28	627 B	202 kB	104.17.2.184
unpkg.com	11693	2016-01-06	2016-01-08	2024-03-28	816 B	84 kB	104.16.125.175
aadcdn.msauthimages.net	4795	2018-11-12	2019-08-14	2024-03-28	526 B	202 kB	152.199.21.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	unknown	37 B	2023-04-11	2024-04-28
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-04-28 08:08:59 Times Seen232029 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	79 B	2023-04-11	2024-04-28
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-04-28 08:08:59 Times Seen124643 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unpkg.com/axios/dist/axios.min.js	42 kB	2024-03-15	2024-04-28
Pretty URL unpkg.com/axios/dist/axios.min.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 17:36:33 Last Seen2024-04-28 07:48:01 Times Seen10052 Hash 3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304 Loading...

	luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e	0 B	2023-03-07	2024-04-28
Pretty URL luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e IP 104.21.86.163 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-28 08:15:04 Times Seen37136791 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	luxuway.com/boot/ea1d261b22f1efaf9a566b1b301044116606d890541b9	51 kB	2023-03-07	2024-04-28
Pretty URL luxuway.com/boot/ea1d261b22f1efaf9a566b1b301044116606d890541b9 IP 104.21.86.163 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-28 08:12:54 Times Seen245037 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	luxuway.com/jq/ea1d261b22f1efaf9a566b1b301044116606d890541b4	86 kB	2023-03-07	2024-04-28
Pretty URL luxuway.com/jq/ea1d261b22f1efaf9a566b1b301044116606d890541b4 IP 104.21.86.163 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-28 08:12:54 Times Seen385283 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	luxuway.com/jm/ea1d261b22f1efaf9a566b1b301044116606d890541ba	6.4 kB	2023-10-11	2024-04-28
Pretty URL luxuway.com/jm/ea1d261b22f1efaf9a566b1b301044116606d890541ba IP 104.21.86.163 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-11 19:03:08 Last Seen2024-04-28 07:47:58 Times Seen43821 Hash 82ff6e77e3b8f004b23294185e108264 03c685b50fd4587427495348cd1231882a8c48d0 0e230a53a5d5abd125c2a8e1cdd97b32ddd84a9f7fd07c23bff95413886b05fa Loading...

		Size	First Seen	Last Seen
	#1 Eval - c0ac61ee54d34ac25d3cf7a07790fbea	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash c0ac61ee54d34ac25d3cf7a07790fbea dc60768b27908a35fac7cc07c11a4f937d9b2850 2053383ed7d36f11343f3da47d2a22eb4bd5e4b7c7160a456eaac20fb0459dee Loading...

	#2 Eval - b5e5b0c455f1c451cc18028ec4baff37	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash b5e5b0c455f1c451cc18028ec4baff37 f157289a1b0abbb40d63b56ffffdfb88b6f6cc37 3c14f10021c076f31eca1b3a13e65aef563789f04d3f900b7225cd57a14bb93b Loading...

	#3 Eval - a021dd41e1d423a9fecc8a751ddf13c9	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash a021dd41e1d423a9fecc8a751ddf13c9 5607ee972336cbc7cd55bc3e9b57242adbfeb5fa 0800e6cbb785754565409d28ce651259a5ca597ed1144c491e9b102c2dad03ca Loading...

	#4 Eval - 0925bddd05ed8e6a22672fffac5267be	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 0925bddd05ed8e6a22672fffac5267be 0ce12c1f850f8b1b981b323e6ddc0fc481c327a5 3c411bfd06ed5e24103b8f693dafa1d68161464d48c22721fb7499f93e075417 Loading...

	#5 Eval - 6f5eac804f388d908e80f421f0381f0e	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 6f5eac804f388d908e80f421f0381f0e 1e460647c275d176320dc941a98471b4694b952d c46a4d5b682ce591a6c71d136faf46f15661b920bc23e6e55d3927156fa45484 Loading...

	#6 Eval - e50c0ad71c7d30f7c962b0a37b82c7f7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash e50c0ad71c7d30f7c962b0a37b82c7f7 4e3e2df61e264b10df9ddcef9561457e60a15d1a afdf3a565fb10b69a3e6501e7a42e0f9857c4a63769edfb65609c44cac83812c Loading...

	#7 Eval - 3672f29678ac79f210e0de7089ed6f01	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 3672f29678ac79f210e0de7089ed6f01 aac6ddcdd97e45a64ed7ddd27f83d265b17b59ea db06a4551703a7fcfc7fe0230efed5bf1e0fed73c5340855747e5eb468007443 Loading...

	#8 Eval - 1439fe895ff95c9678efadf453326f8b	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 1439fe895ff95c9678efadf453326f8b 473d7c87a62e0f5b380512e5488a691b6fdcbf22 4ec9cce7357f8849f370f20961834b86adefac791ad7957da2625ef202dd56eb Loading...

	#9 Eval - 933a75e11c2820c05409600b7a409dd5	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 933a75e11c2820c05409600b7a409dd5 5604ab230cffbdcd766e55d1db82caab0a120912 851e7958f7c46252e6c58ed8256c826ee26836b728269d4dc4ad99ace58df7bc Loading...

	#10 Eval - 6548651a3a609685155f321140165671	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 6548651a3a609685155f321140165671 d305ba4b688296183bdd27f0d38c2d7b3d7d7c7f 0c1afa8f29f34b474655aff075742b89a749ecb1c9cc2a1bcf7e11df518365cf Loading...

	#11 Eval - 6d5e2cc328303005cfe62d1715e3f88d	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 6d5e2cc328303005cfe62d1715e3f88d ad3466c7aca06d171ff1e459fab27eb1bed1d5e8 212b6bf94021ed08eb5bc5dc6f4c13889f9dbb1d2009077602934f81e95c642f Loading...

	#12 Eval - 977dd0b52f75021ab4f4b14032c5e079	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 977dd0b52f75021ab4f4b14032c5e079 a9f9a6c260256713c9be6b45a02341bfd4364f33 1dbec88dba9a4e9ba35ec41b502ecfd7b3ff9a61ce38b0996d72d8bdc317b38e Loading...

	#13 Eval - de04bd21bbbe0ad5b4f3f9c30e4719b2	579 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash de04bd21bbbe0ad5b4f3f9c30e4719b2 abe7588c793c5cfba9d4ebd6869bdc95d2fe40b7 5608f9a12c422c0d33913b0d9151479375e62a10a26e1dd03feea301635a6543 Loading...

	#14 Eval - 09f20af2f6f12fecbe4eea29715a7c9d	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:13 Times Seen1 Hash 09f20af2f6f12fecbe4eea29715a7c9d 053a3d822a41e29c8827c0243c9cad6a7b8cfc5e 799ed2d247f35f8f0459f3c24c1244874df351c32026e3b046e19f96323820f2 Loading...

	#15 Eval - 0d38ee90ede9b3220eacfc23a81680c5	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:13 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 0d38ee90ede9b3220eacfc23a81680c5 b7eda580599ba83e3f56fa2b9eb52cb383079c85 750229c64a4d4abbe069aa484ef175395578714707881e915a8980eff25a6da1 Loading...

	#16 Eval - 30c3caaf4a13cf10d22ffa58ba1deb23	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 30c3caaf4a13cf10d22ffa58ba1deb23 f0bec55efed39cdc94ce29f826c8e614007cc087 753c75fc9686ebe8fac0a9ef76a40d0b4c1af3288805c6a04c96fad8781428b2 Loading...

	#17 Eval - 145fcf816f06e8360e656363bb16e8d7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 145fcf816f06e8360e656363bb16e8d7 8453b184a0dc1061197189f72c7c9a97757ab739 218635cc24034c01387e98909dd98757782b82afec19b9fc06abcfcf565d7676 Loading...

	#18 Eval - 4f730ce28bf7ca2cfee25cba2e3a8c0c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 4f730ce28bf7ca2cfee25cba2e3a8c0c 667692ec8a0a3176301f978f9032484b2becf719 b59681bfea8c890925e92b41c97f706a183124724b382b6b5e383c6d00dfb1a7 Loading...

	#19 Eval - dd14db7ebc24baab511c18809966db12	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash dd14db7ebc24baab511c18809966db12 e5e6bf43e06f41111d6b3d6bbeb613ba19dad9b2 1bf748dfd96b1f70be9c471ddda0bfddaee957332bb2bf1df6e5a521b15fde4a Loading...

	#20 Eval - f7de472f4ab3fda333426969cd32aa08	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash f7de472f4ab3fda333426969cd32aa08 8903ea774b524d42e91a6d824bc9fcdb0054fa9c 6dd9633a3b4627efac43576ac6f868581c5029e3544e4a99f8332be9c6953df8 Loading...

	#21 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-28
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-28 08:02:06 Times Seen350248 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#22 Eval - 190ef4edaf4aba9ce6829ea860b2cb65	61 B	2024-03-22	2024-04-04
Pretty Observations First Seen2024-03-22 10:35:33 Last Seen2024-04-04 15:56:11 Times Seen1815 Hash 190ef4edaf4aba9ce6829ea860b2cb65 84010fdde06dc04427d11aafdf4ba6495e14eff8 0334ef3ce9e77db17376ce3e320fe96b901743f1baa1096cc4066922ac672f8c Loading...

	#23 Eval - 78981a662abad713af5f10eac561d3b3	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 78981a662abad713af5f10eac561d3b3 2b4642838eecf0c26ee93e009c161c358610bea3 656493f9cf677fb8bfac8c9e9de66d8ecd89d38cd511073519371e011cf7f456 Loading...

	#24 Eval - cd45f9bdd12c8f231e8a44838306088f	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash cd45f9bdd12c8f231e8a44838306088f 9d10da25704beeff35fe48570d121ab11e3b5f46 d8f16112e35e7e9d6d05c3d48db3a75ee58afb556f761e66bdbdd556e0c74337 Loading...

	#25 Eval - 8af8e0ffa1012af471fab8c5989df99c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 8af8e0ffa1012af471fab8c5989df99c 198653224ea51f5a0144fcaae174435dee52daa8 acb2ce34bed6dd7aea8c1b7220c90ec7a3d42ffbaecd41a911f6c3cb304d4863 Loading...

	#26 Eval - 038fe5c931d40b106b0095d554066fd4	1.1 kB	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 038fe5c931d40b106b0095d554066fd4 9ad2c399bc7cb8c5410c93fa2cb75be27d84338d f2a4423cc5d2a4ce06a726134729e31ee4d33001fcd0bf358ac52b95d7e3d916 Loading...

	#27 Eval - 8ba1d70c2837cec2708700b1f25f985d	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 16:05:14 Last Seen2024-03-29 16:05:14 Times Seen1 Hash 8ba1d70c2837cec2708700b1f25f985d ab7b7b16d39c46cb2bf2906bb759a1d0397295b4 ec84ba7f148e50138065525f3cf3f8c2938b85b3a96f65ff6b8b7c16f45284f3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-04-28
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-28 05:30:38 Times Seen44601 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (21)

URL IP Response Size

ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==

208.75.122.11

302 Found

0 B

URL User Request GET HTTP/1.1
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==
IP
208.75.122.11:443
ASN
#40444 ASN-CC

Certificate
IssuerGlobalSign nv-sa
Subjectrs6.net
Fingerprint8E:9A:B3:CF:52:99:93:DA:8B:D9:17:47:3B:F6:C4:57:8A:37:CE:91
ValidityThu, 15 Feb 2024 02:12:01 GMT - Mon, 17 Jun 2024 21:06:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ== HTTP/1.1
Host: ri8hc4gbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 15:04:40 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://bedfoundation.net/newwayforu/k4843//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

bedfoundation.net/newwayforu/k4843//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==

103.191.241.46

200 OK

0 B

URL User Request GET HTTP/2
bedfoundation.net/newwayforu/k4843//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ==
IP
103.191.241.46:443
ASN
#150142 Wolast Technologies

Certificate
IssuerLet's Encrypt
Subjectbedfoundation.net
Fingerprint26:23:DC:62:CD:33:5A:65:56:BE:2D:66:E7:23:D8:E9:92:0A:A2:0B
ValidityTue, 13 Feb 2024 05:08:24 GMT - Mon, 13 May 2024 05:08:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /newwayforu/k4843//DX3R5ygbLFI8onMs23vT/DX3R5ygbLFI8onMs23vT/YW50b2luZS5iZXRiZXplQG5hdmFsLWdyb3VwLmNvbQ== HTTP/1.1
Host: bedfoundation.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://luxuway.com/Mantoine.betbeze@naval-group.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 29 Mar 2024 15:04:40 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

luxuway.com/Mantoine.betbeze@naval-group.com

104.21.86.163

302 Found

16 kB

URL User Request POST HTTP/3
luxuway.com/Mantoine.betbeze@naval-group.com
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (16196), with no line terminators
Size
16 kB (15625 bytes)
Hash
f29847857f31f57f05f35cb29e67f02c
9cf2281658cb4d258f1046284a57c3193fcde012
219ad8ae3595edb01f0bf4bb03128547d218ed537de3681616eeb46bbbddda31

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /Mantoine.betbeze@naval-group.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 15:04:41 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 0HguY+hcXATdwi9t7n3wPou4BPkChVZ1mzkgEBo+UtkRYale+NAHn0Cgi9bJDLa4jAKm8Q+8uv5teQPKS8K7L32GaELlKrR6sNseiBqOQuCdGD4VV1PHkG3SxW6Hwv8ONs9Cj/UxKreB9emB/r2AmQ==$lZOOB1amS8wzQ5GU7L521Q==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7amrsQl%2BZre5IZPBatV6eZ02S%2BAVdzFJgsH%2FGGYhsGUpkFuDcLcvF0DTAUORQHOET%2FmD4leklNSUZgRUh0xVcV4yYozhV2pwKqmc3BlaXsuiM61Um6UCu15xZNU1CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0c0f95b7b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

luxuway.com/2

104.21.86.163

200 OK

12 kB

URL GET HTTP/3
luxuway.com/2
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (9588)
Size
12 kB (12233 bytes)
Hash
741cf20fff876dd4bf02577d97a4c469
72787f6c42135a4eaa88a219bc751333937389d0
1e18e27a89d0970552ce6fd84d216977e14634ec114d30992fc9d35426dd6b21

HTTP Headers

GET /2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2i2nrrPV5vQFlXXOGycz5MFJ7KBGUPOpxWEN2L1T3wNoASt28%2Ba0CYEgUS6wWmghcvh9QW8zCF1KKi8L2gZEII1euEXZIoE4KHANik7cxX41VMMmU8imih3g%2FVITw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c128bf3f56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86c0c0fc2e940b3d/1711724681967/ELSoi2xxfIzfl3y

104.17.2.184

202 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/86c0c0fc2e940b3d/1711724681967/ELSoi2xxfIzfl3y
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 35, 8-bit/color RGB, non-interlaced
Size
202 kB (201892 bytes)
Hash
766d2212f43490dbf87ac4bc08764530
0e40dfbb8798327d5932de06846eb40617a9a02d
c37d09aa213b127dc292c36ca18d483c38c8b171a657515ce02cd985d446e3a1

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/86c0c0fc2e940b3d/1711724681967/ELSoi2xxfIzfl3y HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/7zzom/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:42 GMT
content-type: image/png
server: cloudflare
cf-ray: 86c0c104bbef0b3d-OSL
alt-svc: h3=":443"; ma=86400

luxuway.com/ASSETS/img/LIMG-6606d8911c2bd.css

104.21.86.163

200 OK

8.9 kB

URL GET HTTP/3
luxuway.com/ASSETS/img/LIMG-6606d8911c2bd.css
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
PNG image data, 108 x 24, 8-bit colormap, non-interlaced
Size
8.9 kB (8870 bytes)
Hash
d85f982252feb085cc8f85a16f3dbc71
555883859630b990e7c919c67d6d5e7d31ae0a1c
52f2bc7fdb8be61891073e845ed4e8da66fd3e118c108224a1945201d1482259

HTTP Headers

GET /ASSETS/img/LIMG-6606d8911c2bd.css HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:49 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvhpfyDZOudQ5NXtFWQfZzrt3tQ0LvR%2Bz4f7C5N4YiEpD2EjKiZaOc0kq3%2Fet%2FgDpC7hPQ3dpBtyRBPQDY1ocT4%2B4p9t54MQHNS2H6hUDvjMf9Tw54gRgv0Y%2FsnEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c12b398956ba-OSL
alt-svc: h3=":443"; ma=86400

luxuway.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1187116206:1711721380:104Gjf76EbPB98EnlHbvvp_DEtUv9Vs1lklTxjDcq5U/86c0c0f95b7b56ba/755654534492bee

104.21.86.163

16 kB

URL
luxuway.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1187116206:1711721380:104Gjf76EbPB98EnlHbvvp_DEtUv9Vs1lklTxjDcq5U/86c0c0f95b7b56ba/755654534492bee
IP
104.21.86.163:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
ASCII text, with very long lines (3560), with no line terminators
Size
16 kB (15922 bytes)
Hash
3d2a40aa64dbafa18b8916f9c060c733
d1611f2918bc45f4df28b4d7909cfacfd2153eaa
ed3bb700f1e7bb0fa27785ecdad3252a06668cafa2014db9348fbf7cb59b6998

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1187116206:1711721380:104Gjf76EbPB98EnlHbvvp_DEtUv9Vs1lklTxjDcq5U/86c0c0f95b7b56ba/755654534492bee HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mantoine.betbeze@naval-group.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 755654534492bee
Content-Length: 3371
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Thu, 28 Mar 2024 15:04:47 GMT;SameSite=Strict
cf-chl-out: DrGR7IEqSs94rOgAJyU5KYMwBlnSrCDVPlgD0feYGRJJat/wcR0gps23DoUWolKFQI8uPcCMXcpSMDcK9mTPsg==$Z9K9onqVA0plaCLhKnwtLQ==
cf-chl-out-s: LOoQzGw7g9Gr4ycAl7hwdi5H50dxWZnX6sRDVj0XtGqThvUvgL/3rjZ7WYSCwGndpNq8iwNIRSgVDv7zZ4+ed6nO4T8SlrViM6C5LtH8xapoNBItzzel/haflkmyI0Okoc4U58BzUt5tMZ6wMhA4oVm25kvltkPz+BR+p1JJuA2vVI4w0/MSj5wjppfdswhYk0z0eiXOWPXtNZWubo3nIa1fmXZmbiKCfHGR25FvjV4h4pXWXAz5v9lLk3PYgrr6jwQrS/NqpH9RPh98Cm/gLa2G531j6dy3uQze6YgEDrSNoUhIFr4EqahGcQWq0Bwg3C0XN0rNlT9MdocTrIoGdRCi9IL8i3tJX9hwqHYOOmXMEu2UAI3gm0ecqf47seTkj4XXc6EGceCnemXucsYmAaHQCIy58UV8f9i3D2ZG29HRClOcNtRj2lLs0I/wM4S2g5r2AM/zF4DYJidwN9MZJA==$oNEcRoF+InBbjTN1rD+sSA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BcylkfLYiQxGGqwggMN9NwqmFr2puVURKz1L6WGze2PVXdbLcPKtfjAP8waHhVjjlo7876tFV%2FtfK0pcsxPMHS0hqeXrJfcKOuO%2FSyTyYPWP394LSHZlVQstxj%2Fcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c121e9b256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/APP-JU5Z3F/ea1d261b22f1efaf9a566b1b301044116606d890bfc1d

104.21.86.163

200 OK

105 kB

URL GET HTTP/3
luxuway.com/APP-JU5Z3F/ea1d261b22f1efaf9a566b1b301044116606d890bfc1d
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105369 bytes)
Hash
8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a

HTTP Headers

GET /APP-JU5Z3F/ea1d261b22f1efaf9a566b1b301044116606d890bfc1d HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:49 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIUkV4Nj00wuIWeMxQ10pUdSZMxCDeNY%2BpL%2BzCfH2t9TOqg16COdN1bmneL%2BXIMhxTQPLdgu%2F6pfGc66uoZUNglDoZT6HNCO2fy%2BrlCm6cjp9zOZz%2BdvDAtivCab6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1298ffe56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e

104.21.86.163

200 OK

5.5 kB

URL User Request GET HTTP/3
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (5541), with no line terminators
Size
5.5 kB (5502 bytes)
Hash
da93a9046781df04710966d5f57484a6
2f42e71e7cd146afecf5ac1d21f7cdb1456c986b
6097a1d205afc4a9807e76993f5904c53903de2cdbbcb40ff4316a4998e79335

HTTP Headers

GET /beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Mantoine.betbeze@naval-group.com?__cf_chl_tk=YhHcfoMUjROHEU0Q5tpCOd1FtSxyfU9GiX3yCdsPvuI-1711724681-0.0.1.1-1642
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRn4Xz13gVtBCWqAYGIdFLuYrS3mx%2BG%2BbQkmzAVyM1wTR%2FafAJnjn3%2Fp83wtGeSBxtI7t0aM1yHNotBqIsMWHQtgENbrqMZSl6quPv7wf0vbjDlSHdsgTPhLkSkFig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c125fd1156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios/dist/axios.min.js

104.16.125.175

302 Found

42 kB

URL GET HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
42 kB (41481 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HT5BCM788818MCAZJQKX2V52-arn
cf-cache-status: HIT
age: 501
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c0c127280956a2-OSL
X-Firefox-Spdy: h2

luxuway.com/e/ea1d261b22f1efaf9a566b1b301044116606d890bfe3f

104.21.86.163

200 OK

513 B

URL GET HTTP/3
luxuway.com/e/ea1d261b22f1efaf9a566b1b301044116606d890bfe3f
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
513 B (513 bytes)
Hash
adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49

HTTP Headers

GET /e/ea1d261b22f1efaf9a566b1b301044116606d890bfe3f HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfn9hVn4HxckGqi1V3LlsyAfQm65REe%2Bm%2Bzm6gg2CxvVDpavN4FmsK3g5KTcTsqZvCGej9YHMqHa8DDSizWSwpGn%2BSQuPoOKgm7zEWUofQFHZXbEQtSkX%2BdL61s0mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1297ff456ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/api-as1f?email=antoine.betbeze@naval-group.com&data=background

104.21.86.163

200 OK

176 B

URL GET HTTP/3
luxuway.com/api-as1f?email=antoine.betbeze@naval-group.com&data=background
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
58646d91ee40b4fa01017937975ebd40
e13050964265055f926a56bb2c8ebd011a922750
6ca3486ba042ab80672c4b75040f56bd73ec30157abda82fdd6b297113160f00

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=antoine.betbeze@naval-group.com&data=background HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:49 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKzEMueOUOXVAm8U5CHNN0OoVyGDUKQgm6UP0SFH28S2i4XOXC1LLtjRplI%2FFxOl2uiVFK6kVmEkowdY%2FqgxGmjFV1cTcqE%2F9Vo04QeaIdv3xzdp%2FP8lnP%2Bg14QfLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1298ffb56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/jq/ea1d261b22f1efaf9a566b1b301044116606d890541b4

104.21.86.163

200 OK

86 kB

URL GET HTTP/3
luxuway.com/jq/ea1d261b22f1efaf9a566b1b301044116606d890541b4
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /jq/ea1d261b22f1efaf9a566b1b301044116606d890541b4 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RptLUpZdZy2SoHolD2rnNtJV%2FPOw4eJq1LqBt7DfDoN0lSU7ARugEb5%2BWR8jPwY0p9BECeCZMmneKK2Koem0qzaHHlSdjS3VW5lGan0vKmKW4lu%2FMjR7bbFMp2FxBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c126fdbc56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/jm/ea1d261b22f1efaf9a566b1b301044116606d890541ba

104.21.86.163

200 OK

6.4 kB

URL GET HTTP/3
luxuway.com/jm/ea1d261b22f1efaf9a566b1b301044116606d890541ba
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6376), with no line terminators
Size
6.4 kB (6357 bytes)
Hash
1e07a363eef4b40ab4a38d5e4371da5c
7351be2a378540a016aec380141927221a45f19b
01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510

HTTP Headers

GET /jm/ea1d261b22f1efaf9a566b1b301044116606d890541ba HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BczwkOtBerYnJzEeke9ktz%2BaBujNjBf83sjOB9cYU9NKBQ%2FGJpduY3oQoThvmcFFUDrWUZa5lRc6S2u9lHzWGc3Slt05u5N12%2BoWQ9JQthRn5tEdqpwjtWxeDOfOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1270dbf56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios@1.6.8/dist/axios.min.js

104.16.125.175

200 OK

42 kB

URL GET HTTP/2
unpkg.com/axios@1.6.8/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (41442)
Size
42 kB (41481 bytes)
Hash
3b5b3d36fde8ffe8ed76b1efbfc65410
d63107d0912fdb387530d5ce2d512c928d73d122
29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304

HTTP Headers

GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HS1FGRYZKY14C0JK748EAY1W-arn
cf-cache-status: HIT
age: 1204130
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c0c127481e56a2-OSL
content-encoding: br
X-Firefox-Spdy: h2

luxuway.com/o/ea1d261b22f1efaf9a566b1b301044116606d890bfe31

104.21.86.163

200 OK

3.7 kB

URL GET HTTP/3
luxuway.com/o/ea1d261b22f1efaf9a566b1b301044116606d890bfe31
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3651 bytes)
Hash
d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714

HTTP Headers

GET /o/ea1d261b22f1efaf9a566b1b301044116606d890bfe31 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2B4awwq%2F8q24GI5dHd314GCh6Kur32pLM8S0JUJBUn9J2R4osDMOh%2Fy2fJhui3fTvKyADzSAPRhZ3%2FrDypOUnodR0hBlF6V%2Bbj1iAirUzNaF85A58tikIahrjVoU8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1297ff356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/api-as1f?email=antoine.betbeze@naval-group.com&data=logo

104.21.86.163

200 OK

80 B

URL GET HTTP/3
luxuway.com/api-as1f?email=antoine.betbeze@naval-group.com&data=logo
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
80 B (80 bytes)
Hash
ac0a58a046b0209464255ce0a132e92c
f10860c93068a5b5a96a2b2acedc8d49d61fccdd
802561d6d9afdc39f1bb6df5c4c221db0f6ced4f43a427c535ee2f4aff3844b9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=antoine.betbeze@naval-group.com&data=logo HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:49 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xN0KcgPkaHWuGJHcgiV0cNLZgCEI0U%2FKc7zqRca4TqBeGxDBzUQAVnGWHD9PjluhPQBVYBR%2FAdE2WFWJXcfl%2FDbK0NOq%2FMzCEy6iZslyKfupRgDnCP%2BAs0wDd%2BFlzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c1298ff956ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/ic/ea1d261b22f1efaf9a566b1b301044116606d890bfc16

104.21.86.163

200 OK

17 kB

URL GET HTTP/3
luxuway.com/ic/ea1d261b22f1efaf9a566b1b301044116606d890bfc16
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ic/ea1d261b22f1efaf9a566b1b301044116606d890bfc16 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:49 GMT
content-type: image/x-icon
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BHz1KhfzRAYZ%2BqxYQ%2Btoi6UVgQwZhOIdnc1srmDYnlv8pm1I%2B0PwYnHyoImPAh1soH%2Biahqax2eMSn744RlKTQfYNYlR1ygmqttQ8S9SLuDssE6PlNRX099rCI9%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c12c8a8f56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/favicon.ico

104.21.86.163

404 Not Found

315 B

URL GET HTTP/3
luxuway.com/favicon.ico
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mbiPLP1FxI3xAzhG3qNHpMUJ9%2BfOHgnoJeZPdy36bxNcgrGmSg8b23ZDHr9GNoTcVjmkRt2uxTzrv2T4br7Ci4w9WYxQWG%2FtGWvW0Iv%2FNh1D7mwKvhobp42kDiYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0c1296fd856ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/boot/ea1d261b22f1efaf9a566b1b301044116606d890541b9

104.21.86.163

200 OK

51 kB

URL GET HTTP/3
luxuway.com/boot/ea1d261b22f1efaf9a566b1b301044116606d890541b9
IP
104.21.86.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /boot/ea1d261b22f1efaf9a566b1b301044116606d890541b9 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Cookie: cf_clearance=JGHm2SxAqm712ZJz.f_SkAStNy78taF8ojKs46rh9CU-1711724681-1.0.1.1-HmDsl6bf8RY8.fpMLbaqm0TOH_iEzmVSewsNWnTQ_Co6ljI7X0tAbmbIiUg06J7IZ8D3wEy8HjEmAtPSOOxQ5w; PHPSESSID=300d7bcac79278d2bea870a798bc59de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:04:48 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BvlabSkjGmTP70WqntPlH6%2BhG0Bq7A2IZaBnzwqFURk34WcRPh%2F0K5Ho0FS70ujnUc7FtPfQG07eaCT6hMoOEa92G%2F7ZTHi%2BClZFotuttOH7NTcyBPZPxRQlxZ%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0c126fdbd56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aadcdn.msauthimages.net/c1c6b6c8-ezcn0fcpgu7hiydkz0ln6exv4ulh7h-anjrdgtfiehu/logintenantbranding/0/illustration?ts=637890781298233202

152.199.21.175

200 OK

202 kB

URL GET HTTP/2
aadcdn.msauthimages.net/c1c6b6c8-ezcn0fcpgu7hiydkz0ln6exv4ulh7h-anjrdgtfiehu/logintenantbranding/0/illustration?ts=637890781298233202
IP
152.199.21.175:443
ASN
#15133 EDGECAST

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606d8904224cPASbeebb091955c06fa68b3eb8afc0bae516606d8904224e
Certificate
IssuerMicrosoft Corporation
Subjectaadcdn.msauthimages.net
Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5
ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2017:06:15 10:34:39], baseline, precision 8, 1920x1080, components 3
Size
202 kB (201615 bytes)
Hash
7741cc9cb94744d013aed54b38cb5150
d97779078fd1142ef2454089b3cf7c8d7bd74801
750c4584e7bc74ea9fd97d2cb2c073aa989dc0cd5172bbdd1f2edab68ef8c2ab

HTTP Headers

GET /c1c6b6c8-ezcn0fcpgu7hiydkz0ln6exv4ulh7h-anjrdgtfiehu/logintenantbranding/0/illustration?ts=637890781298233202 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: d0HMnLlHRNATrtVLOMtRUA==
content-type: image/*
date: Fri, 29 Mar 2024 15:04:49 GMT
etag: 0x8DA3E4930D5DF68
last-modified: Wed, 25 May 2022 12:22:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a5e7cd26-701e-0000-4cea-812c32000000
x-ms-version: 2009-09-19
content-length: 201615
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations