Report - ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==

Report Overview

Submitted URL
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==
IP
208.75.122.11
ASN
#40444 ASN-CC
Submitted
2024-03-29 14:02:21
Access
public
Website Title
c4a91d878e25ce6fd846c5ab689bd2326606c9dba5d33
Final URL
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aadcdn.msauthimages.net	4795	2018-11-12	2019-08-14	2024-03-28	524 B	60 kB	152.199.21.175
ri8hc4gbb.cc.rs6.net	unknown	unknown	No data	No data	755 B	430 B	208.75.122.11
bedfoundation.net	unknown	2022-10-08	2023-01-12	2024-03-26	560 B	385 B	103.191.241.46
luxuway.com	unknown	2023-12-19	2023-12-19	2024-03-28	12 kB	326 kB	172.67.221.192
unpkg.com	11693	2016-01-06	2016-01-08	2024-03-28	814 B	65 kB	104.16.125.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	unknown	37 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-04-27 07:37:23 Times Seen231869 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	79 B	2023-04-11	2024-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-04-27 07:05:27 Times Seen124582 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	luxuway.com/boot/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876d	51 kB	2023-03-07	2024-04-27
Pretty URL luxuway.com/boot/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876d IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-27 07:23:07 Times Seen244908 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	luxuway.com/jq/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb8768	86 kB	2023-03-07	2024-04-27
Pretty URL luxuway.com/jq/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb8768 IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 07:35:31 Times Seen384989 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	luxuway.com/jm/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876e	6.4 kB	2023-10-11	2024-04-27
Pretty URL luxuway.com/jm/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876e IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-11 19:03:08 Last Seen2024-04-27 04:04:31 Times Seen43800 Hash 82ff6e77e3b8f004b23294185e108264 03c685b50fd4587427495348cd1231882a8c48d0 0e230a53a5d5abd125c2a8e1cdd97b32ddd84a9f7fd07c23bff95413886b05fa Loading...

	luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0	0 B	2023-03-07	2024-04-27
Pretty URL luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0 IP 172.67.221.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 07:37:23 Times Seen37114245 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unpkg.com/axios/dist/axios.min.js	42 kB	2024-03-15	2024-04-27
Pretty URL unpkg.com/axios/dist/axios.min.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 17:36:33 Last Seen2024-04-27 04:04:33 Times Seen10010 Hash 3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ab3460a8d0fad99c2eb7e8ee0be45ab2	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash ab3460a8d0fad99c2eb7e8ee0be45ab2 a4aa9ad27bb77239bd1828de26414bdf7e1b1d58 689857ab57c7a152932c7994d3c7b5fef764b8d3061cfe7682c4253b902b874f Loading...

	#2 Eval - ed737f552213d0aa1fba1c1b662c8b9e	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash ed737f552213d0aa1fba1c1b662c8b9e 9b37e19317316929e05f2a0e9e5c8d1d5e77e649 0ea365132bf7f0111f378fffac0fe3a46b2abfcf1ff617c44324762d14110a2a Loading...

	#3 Eval - 92d430db9467a9c42e6d1149ce1b8c05	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 92d430db9467a9c42e6d1149ce1b8c05 de6f78b3ebbbdd5c69a642eb12c4a3e1bedb0db2 c929d87bf20b10366ca8b9266fd93fe9f8fb987f3f25b98b4dd704e7fa510131 Loading...

	#4 Eval - 6df3a491b2e9f8521f2150a9f580e4ec	1.1 kB	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:10:32 Times Seen3 Hash 6df3a491b2e9f8521f2150a9f580e4ec 1ed0b2f85cc3a5a9a240f28b1727566a14db878e ebdaaf0f883f6fe5ee3bd2b53b3363befe7c967fe5619dc6dc703667f40166fe Loading...

	#5 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-27 07:23:07 Times Seen350203 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#6 Eval - a937a19dfed97a8f1758e4653803bda7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash a937a19dfed97a8f1758e4653803bda7 ef81cb54a7ae1d43a2925aab969abd10202e1852 f7c1d10a7f593505680e98b0ad05fae55ab91b972c302c57579bc8a4993d5a79 Loading...

	#7 Eval - 190ef4edaf4aba9ce6829ea860b2cb65	61 B	2024-03-22	2024-04-04
Pretty Observations First Seen2024-03-22 10:35:33 Last Seen2024-04-04 15:56:11 Times Seen1815 Hash 190ef4edaf4aba9ce6829ea860b2cb65 84010fdde06dc04427d11aafdf4ba6495e14eff8 0334ef3ce9e77db17376ce3e320fe96b901743f1baa1096cc4066922ac672f8c Loading...

	#8 Eval - 449a99df2e8f9185d958486aa28731a1	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 449a99df2e8f9185d958486aa28731a1 f60ed2d330bb8698d8add16354af1acb79376e99 fa02a6962970bc38e687cf4acd66eb9f99f431c1902dde72eb2a1beb193c2a62 Loading...

	#9 Eval - 76f959fd64dcd197790aaf19c050231f	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 76f959fd64dcd197790aaf19c050231f 7c3ccf5a754a9f6e54f5b355ad9f504f071cc433 e72979b483dabfff66f8beb8d84fbb5a87a7cd1392404033fadaff28889f6b38 Loading...

	#10 Eval - 4139f3c237561b58cc05abfb95cb4c52	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 4139f3c237561b58cc05abfb95cb4c52 a8afb068489924677d5b72ce7f3bc6a66db2a9ef de73261051cb29b41b9267769df69316c0a3de81f32627ddaca92dee453f18e0 Loading...

	#11 Eval - 70369e69e88ec9d1de886f65d6b0bf7c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 70369e69e88ec9d1de886f65d6b0bf7c 2adce926839f388e0a1eb4421e1f335d0f287c78 81d98a90f8ec68a9df1b5572866492f942b07297c5dbac9c2134b9abd1895ec5 Loading...

	#12 Eval - ebbdfb43eb766ebff29db56ea8486b08	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash ebbdfb43eb766ebff29db56ea8486b08 06d2ba7f47287686e90e2a4e16d58a352a8041ba 1ad75c359ce745dab20d95a9bf445d6cc570720bb1272673898b54f04e5fff00 Loading...

	#13 Eval - 8e395fca5356538bded519d61df2aa6e	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 8e395fca5356538bded519d61df2aa6e 2f0280d9b1fcdb4f0ce69ecbdae88e75a263b0c3 a39373e552e8b91e4efcd56b830f1da62e93cf78ec81e4864ef405050778e809 Loading...

	#14 Eval - eb72369bfd7be7f10b74a05cfadf70ea	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash eb72369bfd7be7f10b74a05cfadf70ea de157b608dfb2f0cde79fc64c02904bc7c6777f5 192f253ec6ee840585b2d559efa1752dffb0bc4e4d7b14f1a7395b05ec5e5679 Loading...

	#15 Eval - f17c38192befb40c8077d07af3b35d3c	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash f17c38192befb40c8077d07af3b35d3c 54bdec16949d2b75931ac1c8c23426e822c515fc cbdb58c023a6725028f26219763d734cc2f3e5cbc578d0c5c2efb0608ff88d90 Loading...

	#16 Eval - 3b13ac20112c6d9246588cb64f5da914	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 3b13ac20112c6d9246588cb64f5da914 96909fc136b23e83d577695d54be7f0b212aa9b8 ad0e19f1e3cb45d01f7b0c1a37518ac3bfde8e5957d9129cc8a2c942443268fc Loading...

	#17 Eval - 13e5a4552955d9bc79c02f8c358f1229	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 13e5a4552955d9bc79c02f8c358f1229 79d8b0df535308629b27f01acf5f496cf1478aad 9da87c7dd9d1f62dc286ffff66bbba9b6d8ef11982696b2af427d73a6fe8c748 Loading...

	#18 Eval - 1d6fa4bcb0dc416434e0d23d55c400a3	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 1d6fa4bcb0dc416434e0d23d55c400a3 84618b9d2f8ea0bfc88bd39c142c6c3f3d572087 bb2554fd92216abf44a84f771b44b33cc19c4bb90d4dddadd02c3abb3583cf53 Loading...

	#19 Eval - 73bd55328e1bbc55b42034ff469ccd9d	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:27 Times Seen1 Hash 73bd55328e1bbc55b42034ff469ccd9d 9e16a72ef08c1d8605a373bf2b65f2d8678d93a4 e07bee2aa280f0c51e200c9dd3dd34f121801122e1c3da9634c3cd13460667f5 Loading...

	#20 Eval - b2d0d42939ad26610117c137d1baa8c0	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:27 Last Seen2024-03-29 15:02:28 Times Seen1 Hash b2d0d42939ad26610117c137d1baa8c0 96956371b3ec7d5bac067b4b160e7a594ec7a7bd 1c29d2ea223e3febee4662e7402c9b0edacf9fc4cdc6be7665e35744bb0d511b Loading...

	#21 Eval - aaa55d9a7231c6494901338525bd99b7	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash aaa55d9a7231c6494901338525bd99b7 eb2737afc244a8a1992b142617fb54b55d149f20 5697cbe03e7e54e4ab48ee8aa2ad728f464eb9fa98c3b4627e95405da1dbf668 Loading...

	#22 Eval - b1f25c82bfb8a58a60b9b6663b651ca8	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash b1f25c82bfb8a58a60b9b6663b651ca8 63cacc9d4b842c2cb74724126d8cee4eed83e65d 5dde6cfc02dea7a84bcd20f0ad23f1a5d2eb0b9b5bb2e935a436fcc0019b0835 Loading...

	#23 Eval - 2d5e4f150fdc1206eaaa7f72b3089d28	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash 2d5e4f150fdc1206eaaa7f72b3089d28 8d04801b020f98a03bb1981ee302cc585ac98102 9217922ff744902670109a237ce4f176dad944aaa4fba8bf33d0c44b915b6578 Loading...

	#24 Eval - 27a723890a575c800e546dd087643b39	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash 27a723890a575c800e546dd087643b39 db2a7206e14304ba8a7f20b267784b9ad7e42804 8c822fde0dd46c4f294d5704e2af91396a0e706ebe3d95b45fd69ea8bcbc4c4d Loading...

	#25 Eval - c55ee6e3125b8c51429b2fc527e3b241	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash c55ee6e3125b8c51429b2fc527e3b241 5cdd47816ea479cc41add0d8969836aa52c5e047 9a8126804d48399dff1275834936cd34296a927e9059c5c0f5b3030cb9b30816 Loading...

	#26 Eval - a131c4c3564c6681ec53ccb66714da87	28 B	2024-03-29	2024-03-29
Pretty Observations First Seen2024-03-29 15:02:28 Last Seen2024-03-29 15:02:28 Times Seen1 Hash a131c4c3564c6681ec53ccb66714da87 2f91336600c3d5bbf3f7da6276e3916f63e3a643 7406aede7516c943f9f4c914ea54976c4c99db78d5299eddbd8d4b68bba99ed8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-27 06:41:41 Times Seen44595 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (21)

URL IP Response Size

ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==

208.75.122.11

302 Found

0 B

URL User Request GET HTTP/1.1
ri8hc4gbb.cc.rs6.net/tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==
IP
208.75.122.11:443
ASN
#40444 ASN-CC

Certificate
IssuerGlobalSign nv-sa
Subjectrs6.net
Fingerprint8E:9A:B3:CF:52:99:93:DA:8B:D9:17:47:3B:F6:C4:57:8A:37:CE:91
ValidityThu, 15 Feb 2024 02:12:01 GMT - Mon, 17 Jun 2024 21:06:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tn.jsp?f=001594Msdcsdf_78mmJ_r7MvCfZ7eJyiivGT0Jq4oxzc4fcl_GGavSUUq7p2PCi-wkgwQT7nbLxZwCxVz4LdXXKmresIkJw6FS_aUJiFOWeBRLok7D_PfXcCfXMWJdzXBfTdWmyJ_UYkW5-ElqXs57MpbFk0VgoZRgDZ1t4lKP2allvh8kBqDI3Gw==&c=&ch==&__=//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ== HTTP/1.1
Host: ri8hc4gbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 14:01:55 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://bedfoundation.net/newwayforu/k4843//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

bedfoundation.net/newwayforu/k4843//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==

103.191.241.46

200 OK

0 B

URL User Request GET HTTP/2
bedfoundation.net/newwayforu/k4843//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ==
IP
103.191.241.46:443
ASN
#150142 Wolast Technologies

Certificate
IssuerLet's Encrypt
Subjectbedfoundation.net
Fingerprint26:23:DC:62:CD:33:5A:65:56:BE:2D:66:E7:23:D8:E9:92:0A:A2:0B
ValidityTue, 13 Feb 2024 05:08:24 GMT - Mon, 13 May 2024 05:08:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /newwayforu/k4843//TEDKgve8SjCq0NyA4ZmS/TEDKgve8SjCq0NyA4ZmS/c25lbHNvbkBydGktaW5jLmNvbQ== HTTP/1.1
Host: bedfoundation.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://luxuway.com/Msnelson@rti-inc.com
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 29 Mar 2024 14:01:56 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

luxuway.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1125336107:1711717944:-re_nhWr_UbWKOPI-TAAQGxzdb9KAJoNeslOfihBBkY/86c065107d94568d/287f4a4e83e4eb8

172.67.221.192

10 kB

URL
luxuway.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1125336107:1711717944:-re_nhWr_UbWKOPI-TAAQGxzdb9KAJoNeslOfihBBkY/86c065107d94568d/287f4a4e83e4eb8
IP
172.67.221.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3560), with no line terminators
Size
10 kB (10311 bytes)
Hash
f5c452a99c5f9bec4888a3108785cce9
d8784ee2882d4ca4314b286e5a97daca14a967cf
84adefc7a832d41a143c9cd510e6f71c900f2185ec0e5ca6b2ae1b997bdabe09

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1125336107:1711717944:-re_nhWr_UbWKOPI-TAAQGxzdb9KAJoNeslOfihBBkY/86c065107d94568d/287f4a4e83e4eb8 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Msnelson@rti-inc.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 287f4a4e83e4eb8
Content-Length: 3291
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_m=;Expires=Thu, 28 Mar 2024 14:02:03 GMT;SameSite=Strict
cf-chl-out: D2bEiiBLZGLqn7fEVG6rytnzU/w15/iZAicigTpwqwGYymrv3r1v9rXpH1GhW3IpdvV9yZipDvx2Nk5AXCeJuQ==$h8M9gDeamaVCaWvD2uCHVA==
cf-chl-out-s: 2N7i6OMzE+f6Vx0lchNdXA2ffyCuGdguzdBx78qX0DSORZ9JrBKge6ZB6c7QfFRm8TVnE6HK3gO0BRU+WjRgTFucYKe4kVEhFsYhIhpmupsyNhjud6IeYjAmnCqAqXfrBGi+ElR0u9ZGJV2onXYdTOdSglP/9TCQs/ykedyfpzAmk83XCEkJruiG8ZWkvQX+Mo/Nq3k2I7+sTp9EaFynTHcE41SskcPBYqw+WSQcho83Lad2iuaTqdL+/gSDUI2/rn4dlGPKs3p3FU84tGnJwZviqaJ+Vf4pDVJuyAhU6ljuKIVH7GOTDg6TpKurTsP72ztCguoVEnss2BoF5saWoh0Z6OJnwbRAj8y1a8UvFdCDnVcpcyfImDsymqmOI13Kon/OjFj2fx+w3RaWn64jXEu4rnX/cXL87rdAg1hyEZ/THIeP+NpOdKx9T/SnWyS7FxwCYkQueXhCAR7sCokoSw==$UHBqaaT++QoPejV1hvlfcA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf53YQMPrloIjfMgOBax40%2FlG1Qzh622ol7tM3xo3rZmdTd%2BeL3AA093P%2BgLAqOdS6NoVaeS7UqKI%2FOcKzoKc1eGCdk6PzZ3EIs%2BxSZhAcYH5iXMxITQwHVHKJ3WbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06539a8dfb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/axios/dist/axios.min.js

104.16.125.175

302 Found

22 kB

URL GET HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
22 kB (22221 bytes)
Hash
a24d7c80a1a0e65a5789d8ed055e68b0
e3646941215d3a4e589a91ea2cc194854c46d21b
3e75686868171c7497560cf03b959c165b1924cf438388ec9c0b9655396d2bb6

HTTP Headers

GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 14:02:03 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HT57YG3Y1XPJDENP2Y3S22BN-arn
cf-cache-status: HIT
age: 344
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c0653edfbc56c4-OSL
X-Firefox-Spdy: h2

luxuway.com/ASSETS/img/LIMG-6606c9dc9697d.css

172.67.221.192

200 OK

13 kB

URL GET HTTP/3
luxuway.com/ASSETS/img/LIMG-6606c9dc9697d.css
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
PNG image data, 108 x 24, 8-bit colormap, non-interlaced
Size
13 kB (13377 bytes)
Hash
2aa909ebe80289569902ad1180aefd33
7c7ab4a22e8878a6d210a1b7e9e98f2bfa43cb3a
4d797171e5a006bf0515ce375eaa02611b43903f83d7a909f333815fe911110c

HTTP Headers

GET /ASSETS/img/LIMG-6606c9dc9697d.css HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xF5zHURkAmRDu1ITuTiALuw5tOtizbeMyAPTyX5M9spqOWFjixotb6ajQGB0bu3whndcjKn2YFv5bKDHObb%2FoNNT4xYTky4IAh1%2BT1nla9%2BxjR%2FYWuQDKM0lCJMznQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0654349d1b511-OSL
alt-svc: h3=":443"; ma=86400

aadcdn.msauthimages.net/dbd5a2dd-sgzn2gx4yx0xhgbnrqwwmjqrqqdas3faqufhbolbjd4/logintenantbranding/0/illustration?ts=637661162798646554

152.199.21.175

200 OK

59 kB

URL GET HTTP/2
aadcdn.msauthimages.net/dbd5a2dd-sgzn2gx4yx0xhgbnrqwwmjqrqqdas3faqufhbolbjd4/logintenantbranding/0/illustration?ts=637661162798646554
IP
152.199.21.175:443
ASN
#15133 EDGECAST

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerMicrosoft Corporation
Subjectaadcdn.msauthimages.net
Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5
ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1280, components 3
Size
59 kB (59412 bytes)
Hash
e580e13b1177dfdbf3115400cf8be684
9454ba462b35601fde3063697aed272abd0203d4
867a0ec7527ac14a7f29976199cbe5ba41cd2f9289df92269b9f376e39e086b7

HTTP Headers

GET /dbd5a2dd-sgzn2gx4yx0xhgbnrqwwmjqrqqdas3faqufhbolbjd4/logintenantbranding/0/illustration?ts=637661162798646554 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: 5YDhOxF339vzEVQAz4vmhA==
content-type: image/*
date: Fri, 29 Mar 2024 14:02:05 GMT
etag: 0x8D96D72F7ECE6FF
last-modified: Wed, 01 Sep 2021 18:04:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 77d2fd70-801e-0002-40e1-81fd5a000000
x-ms-version: 2009-09-19
content-length: 59412
X-Firefox-Spdy: h2

luxuway.com/jq/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb8768

172.67.221.192

200 OK

42 kB

URL GET HTTP/3
luxuway.com/jq/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb8768
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
42 kB (41587 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /jq/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb8768 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZP%2FYCAgYfFKsHr6R65KzsiaqwTbcnV2CNvA8i052MqybZ6yNbtUv6PUME02J2fg%2FgWUDjyEGhwy%2FPXOxxnvNIf%2Fl3lOvfusyQFCtcK8UxOGIHruLt15GtwX9PbecA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0653ead9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/Msnelson@rti-inc.com

172.67.221.192

302 Found

5.5 kB

URL User Request POST HTTP/3
luxuway.com/Msnelson@rti-inc.com
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type

Size
5.5 kB (5502 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /Msnelson@rti-inc.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Msnelson@rti-inc.com?__cf_chl_tk=nihlElc8S1cd2uxrcRS3LbRX9amNMvUesjeDG5DBKWI-1711720916-0.0.1.1-1599
Content-Type: application/x-www-form-urlencoded
Content-Length: 4966
Origin: https://luxuway.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Fri, 29 Mar 2024 14:02:03 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; path=/; expires=Sat, 29-Mar-25 14:02:03 GMT; domain=.luxuway.com; HttpOnly; Secure; SameSite=None
PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FzFs4iIsUteHwdr29XGvf6QUG5fdpQ%2Fd75s%2FEcDOCMCTrhQ%2FkqLWAB%2BPHa8zzoITIJck03MyhddBiaSpA%2BF5QvjWCrH3k%2FU0pJkzSsVRTpzxT5532bsSPdq%2FyvQRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0653a99b8b511-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/axios@1.6.8/dist/axios.min.js

104.16.125.175

200 OK

42 kB

URL GET HTTP/2
unpkg.com/axios@1.6.8/dist/axios.min.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (41442)
Size
42 kB (41481 bytes)
Hash
3b5b3d36fde8ffe8ed76b1efbfc65410
d63107d0912fdb387530d5ce2d512c928d73d122
29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304

HTTP Headers

GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HS1FGRYZKY14C0JK748EAY1W-arn
cf-cache-status: HIT
age: 1200365
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c0653eefd656c4-OSL
content-encoding: br
X-Firefox-Spdy: h2

luxuway.com/o/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4036a

172.67.221.192

200 OK

3.7 kB

URL GET HTTP/3
luxuway.com/o/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4036a
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
3.7 kB (3651 bytes)
Hash
d633a913e6f3b1f45774b9874dfc85e0
5ba1344048578062c93cfddfdf8458477eaca476
c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714

HTTP Headers

GET /o/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4036a HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7Bp5Z9Gr3XDYigyPdPLQfcsPvFbzk17E52ViAxJoDHvdG%2BYCMlq%2FrBhvbNCv9SUa6dEzSPUNok2QSvbO0qjfEl4bEXu2yvrkMsjOBY%2FHNXV%2F0tK3O5F75fodc5U5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065413ff1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/e/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4039f

172.67.221.192

200 OK

513 B

URL GET HTTP/3
luxuway.com/e/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4039f
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
SVG Scalable Vector Graphics image
Size
513 B (513 bytes)
Hash
adc405f5fd089662209870ca5d2106f7
3a8b776df84bf251afc6ddd802cc5bbeddfb0e36
e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49

HTTP Headers

GET /e/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4039f HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAp5kqDbDTOP%2B9tuTjnM81xNMFRxtaugIYNCyv9oXWaa1fNYHIELadtbmg4QrV8%2F5UXYGNEd1tgDUUckzrx2UPvu3%2FCoHYi8MDnfdmH74ZCk4H3qt27JR93OYVye8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065413ff2b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/favicon.ico

172.67.221.192

404 Not Found

315 B

URL GET HTTP/3
luxuway.com/favicon.ico
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s562ZzAd8qz0zuXRPU4VFtoo2wc4szelEOX0X684BwR7lDTGvlt6xzDdHTM0j7iPPS9%2B714IyB2nXfPRW1Yqw1%2BnctTCn3TedPP0z6nPH416rq4BHTlOJhCC4dSNtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c065411fe4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0

172.67.221.192

200 OK

5.5 kB

URL User Request GET HTTP/3
luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (5541), with no line terminators
Size
5.5 kB (5502 bytes)
Hash
aee293544ef0cf4f60d166864c730cc4
463117259f235300628c7154fee4aafe97cc1296
ddeddedbe49c35c785acafc64f3e34064a7a9ffb082923588207f307e5f79b6f

HTTP Headers

GET /beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luxuway.com/Msnelson@rti-inc.com?__cf_chl_tk=nihlElc8S1cd2uxrcRS3LbRX9amNMvUesjeDG5DBKWI-1711720916-0.0.1.1-1599
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:03 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enDkfMjCPwLOnGeM%2BEI9aoIx3I9nI%2BFxH%2BtHHAWdfRmbNl4mADrUMpNvfevTdYmNQzL4v%2FNcO1DNPmXyFVVIrXkkyfF3EgaPlMxZVvTPLux9aKg25%2BjF%2B1imiOvArg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0653d4c7bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/api-as1f?email=snelson@rti-inc.com&data=background

172.67.221.192

200 OK

176 B

URL GET HTTP/3
luxuway.com/api-as1f?email=snelson@rti-inc.com&data=background
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
8628932a35925b46b2f312d4d56ca3ce
456d4ccaba44d61c6beeda724f2ba7bc48e0b92c
93a85508b323e99de784cd204cf2fda98d79f9b29cab7476cabf9b9c6c5e36f0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=snelson@rti-inc.com&data=background HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:05 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BWx6nR5n8YYZCyGh2i5n5%2BgYcOP4n0aYsdWBSch6PVHFF0Vf%2BF7aamUPtqlUx6%2FaPh%2B1NLVl6yqvQjxf3CjzRFbKE10POvwnki8jDkz9aytkMxnufLKLCit1yER0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065414ffeb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/ic/3ec488e34ee62bee4f94cb4556a30bda6606c9dc40199

172.67.221.192

200 OK

17 kB

URL GET HTTP/3
luxuway.com/ic/3ec488e34ee62bee4f94cb4556a30bda6606c9dc40199
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /ic/3ec488e34ee62bee4f94cb4556a30bda6606c9dc40199 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: image/x-icon
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ii0qrg6BDxXp3euTaXVzRWMxglE2v69YbMLKENLO3yPdBriY7P6JLyV59QawF%2BVvg%2Fq3wk9uJ6l4finZ%2F09LtSO7AkiMU%2Br7fhzi9b1SCrUa27HcD3kYyQoX5KKJPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c06544aae6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/Msnelson@rti-inc.com

172.67.221.192

403 Forbidden

16 kB

URL User Request GET HTTP/2
luxuway.com/Msnelson@rti-inc.com
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
HTML document, ASCII text, with very long lines (16549), with no line terminators
Size
16 kB (16549 bytes)
Hash
d8fd7def5b1c26f713b77ef95c5c9355
a98e6b8106fec26244012b815e0a1a6c7e86586d
a421aacf0195f69f8a79b12bec517a46fbfe9fc06701bfcb13c9c53185b0e833

HTTP Headers

GET /Msnelson@rti-inc.com HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 14:01:56 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 01n4+k3S4nH6+LuOjo9lkQd0WBo/hiDFan21aojNxVHyRM0+XkY65fnARg2ZC+Nlqkpra6SElbB8c83Pv74jtiiUTutRSSpJb+S3LxEBkUk0dKdlupl4/XvLf7CNm0k+yK+Ho+5AZlIhHj//5yiMmA==$GNrh7d9AQ4FBE4/4HYSRjQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tssSXz%2BaLOiDJ%2FkB9rtO0A18U%2FbOFxL9%2FxJ%2FA8yrgLSe6u6dbBUv7XctxZRir0z6ImvRqXUy14mTX6pIzFtXN%2FY83I19g0MsJM0CDaGuy1SA3vbnrpADL4e2Co6Hhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c065107d94568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

luxuway.com/boot/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876d

172.67.221.192

200 OK

51 kB

URL GET HTTP/3
luxuway.com/boot/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876d
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
51 kB (51039 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /boot/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876d HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMsqkzTCL9mkalWxQk%2FFxay7Es%2B9K%2BCjfPfn3ATO1ezgFF8hmRDfcJBHpGsS1MY37VdD381Np8THJGWrUjhAudztrFIJhySO%2Bld8HtvBXOTq%2F5THUtYJoD8bhCLXnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0653ead9db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/2

172.67.221.192

200 OK

37 kB

URL GET HTTP/3
luxuway.com/2
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type

Size
37 kB (36614 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2 HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ6I8n4rth024LTr3iAD23wiF%2F2TJXnnajE%2FzK4tiiYZle4TQ%2BuAJ%2BUIPsAhKa%2FTWyJw1w%2FQSkBwn7LXF6VR82gMVbGngIN9SZWjajRjjjwLjmAmzLq5qHGP6chglA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065406f39b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/jm/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876e

172.67.221.192

200 OK

6.4 kB

URL GET HTTP/3
luxuway.com/jm/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876e
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6376), with no line terminators
Size
6.4 kB (6357 bytes)
Hash
1e07a363eef4b40ab4a38d5e4371da5c
7351be2a378540a016aec380141927221a45f19b
01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510

HTTP Headers

GET /jm/3ec488e34ee62bee4f94cb4556a30bda6606c9dbb876e HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/javascript
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMGcbPitv3%2FTLm7iylCUL2E%2F0itPPDTRSx0X8%2FoVkbyF92tpOV2%2FiIZo%2F4s6LltAwis6jhYOwnSPv7FVxfZGOjkwdy6s5ARFY1imFmZZ16YmL7EzeYAMFNxca9d%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0653eada1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/api-as1f?email=snelson@rti-inc.com&data=logo

172.67.221.192

200 OK

80 B

URL GET HTTP/3
luxuway.com/api-as1f?email=snelson@rti-inc.com&data=logo
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
80 B (80 bytes)
Hash
68e0c64eabc197118ef74a0fa7982e61
d9dbcd4be16f434bfc43cfbc2ae167196a2f9c9a
decb10b33bb3972eea484d93146f4011397c35c31db34d660597f92215be9ca5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /api-as1f?email=snelson@rti-inc.com&data=logo HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqWpq0WArk%2Fga2dgLmVtq6xQ9GXruw2%2B6ou6N5g9aBX76X3Bp0z1rwaqDxLefq0uIzxQwWwtB2l2VwprsJuh7DWMmBFbmTyMYdKCmfJBPzMO8CVe01Rbiz%2BJYNYcJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065414ffbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

luxuway.com/APP-OEKZIC/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4019f

172.67.221.192

200 OK

105 kB

URL GET HTTP/3
luxuway.com/APP-OEKZIC/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4019f
IP
172.67.221.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Certificate
IssuerGoogle Trust Services LLC
Subjectluxuway.com
FingerprintE7:AF:EF:DB:A3:3A:76:34:38:63:D2:53:50:A0:9B:70:EC:0A:07:9E
ValidityTue, 19 Mar 2024 20:01:57 GMT - Mon, 17 Jun 2024 20:01:56 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105369 bytes)
Hash
8e6b0f88563f9c33f78bce65cf287df7
ef7765cd2a7d64ed27dd7344702597aff6f8c397
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a

HTTP Headers

GET /APP-OEKZIC/3ec488e34ee62bee4f94cb4556a30bda6606c9dc4019f HTTP/1.1
Host: luxuway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luxuway.com/beebb091955c06fa68b3eb8afc0bae516606c9dba5eeePASbeebb091955c06fa68b3eb8afc0bae516606c9dba5ef0
Cookie: cf_clearance=o.eW537xY3TRwtAlvYoU5Fdaa4mfdvTIhF6nN0yRbgc-1711720916-1.0.1.1-kEGfRIeBT_fDrS76d_PxR0LeYCk1_OwrlpmZwwZYkGGIZIppkuUNJXwP8GigmjpBClLQa7vD_h.NmBuiPP5izA; PHPSESSID=ac60243d096d73ba4fb9a5e34aa6d854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 14:02:04 GMT
content-type: text/css
last-modified: Thu, 28 Mar 2024 13:53:30 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FQ5Aae0m8fOdrRFerBgY2SZ423VL5Zt9n3qw6OY6lATrJQxPOn5U67%2Fe%2F5Sz2DqByKBXwH%2FawwBMjTE7NKDPFTI4E9uXozzLkNB8ILPqK%2FUv5mdJiPgjzP3eQn%2FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065414800b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations