lunar.luninging.top Open in urlscan Pro
82.180.152.239 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lunar.luninging.top/
Effective URL:
https://lunar.luninging.top/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On March 05 via api (March 5th 2024, 3:07:19 pm UTC) from DE — Scanned from SG

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 82.180.152.239, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is lunar.luninging.top.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 5th 2024. Valid for: 3 months.

This is the only time lunar.luninging.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 10	82.180.152.239 82.180.152.239	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	172.67.69.226 172.67.69.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.186.192 34.117.186.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	4

10 82.180.152.239 (Singapore, Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

lunar.luninging.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.226 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	luninging.top 1 redirects lunar.luninging.top	152 KB
2	ipapi.co ipapi.co — Cisco Umbrella Rank: 16149	350 B
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7772	652 B
0	nanisalys.top Failed napasti.nanisalys.top Failed
13	4

	Domain	Requested by
10	lunar.luninging.top	1 redirects lunar.luninging.top
2	ipapi.co	lunar.luninging.top
1	ipinfo.io	lunar.luninging.top
0	napasti.nanisalys.top Failed	lunar.luninging.top
13	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
lunar.luninging.top ZeroSSL RSA Domain Secure Site CA	`2024-03-05` - `2024-06-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
ipinfo.io R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lunar.luninging.top/
Frame ID: DF001C583137CBD3338B0DD3BA06850A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meta

Page URL History Show full URLs

http://lunar.luninging.top/ HTTP 301
https://lunar.luninging.top/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

153 kB
Transfer

443 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/privacy/explanation/
Title: Meta Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lunar.luninging.top/ HTTP 301
https://lunar.luninging.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lunar.luninging.top/
Redirect Chain

http://lunar.luninging.top/
https://lunar.luninging.top/

61 KB
12 KB

563ms
92ms

Document
text/html

82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.2.15

Resource Hash

49f22ddff2def2c5e90fdc5edb7f6158192ef0f223f1df9d2507bedf5bcd39df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 12200
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 15:07:13 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.15

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 795
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 05 Mar 2024 15:07:13 GMT
location: https://lunar.luninging.top/
platform: hostinger
server: LiteSpeed

GET
H2 200 bootstrap.min.css
lunar.luninging.top/Meta_files/ 152 KB
20 KB 143ms
142ms Stylesheet
text/css 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/Meta_files/bootstrap.min.css

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "2606e-65e7348f-602559c96165c500;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20422
expires: Tue, 12 Mar 2024 15:07:13 GMT

GET
H2 200 jquery-3.6.0.min.js.download Show response
lunar.luninging.top/Meta_files/ 87 KB
29 KB 124ms
124ms Script
text/plain 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/Meta_files/jquery-3.6.0.min.js.download

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "15d9d-65e7348f-1655d40543122f86;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 30021

GET
H2 200 app.css
lunar.luninging.top/Meta_files/ 10 KB
2 KB 71ms
71ms Stylesheet
text/css 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/Meta_files/app.css

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b5f049cd8c198126f1bbbf9152357d27c5cac5f498665fcac784540ff42edab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "2957-65e7348f-6fa25ba9846d5ba9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2287
expires: Tue, 12 Mar 2024 15:07:13 GMT

GET
H2 200 ZUXA21k.png
lunar.luninging.top/Meta_files/ 5 KB
5 KB 112ms
110ms Image
image/png 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lunar.luninging.top/Meta_files/ZUXA21k.png

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "1407-65e7348f-5f041e754d18db70;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5127
expires: Tue, 12 Mar 2024 15:07:14 GMT

GET
H2 200 email-icon-circle-28.jpg
lunar.luninging.top/Meta_files/ 63 KB
63 KB 112ms
110ms Image
image/jpeg 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lunar.luninging.top/Meta_files/email-icon-circle-28.jpg

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "fa05-65e7348f-a13fcbb52e81fde4;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 64005
expires: Tue, 12 Mar 2024 15:07:14 GMT

GET
H2 200 newlogo1.png
lunar.luninging.top/Meta_files/ 5 KB
5 KB 112ms
111ms Image
image/png 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lunar.luninging.top/Meta_files/newlogo1.png

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "1225-65e7348f-83f7dbe1a64d48cc;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4645
expires: Tue, 12 Mar 2024 15:07:14 GMT

GET
H2 200 jquery.cookie.js.download Show response
lunar.luninging.top/Meta_files/ 3 KB
1 KB 109ms
109ms Script
text/plain 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/Meta_files/jquery.cookie.js.download

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "c31-65e7348f-619be0edd4db7a3f;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 1213

GET
H2 200 bootstrap.min.js.download Show response
lunar.luninging.top/Meta_files/ 57 KB
14 KB 188ms
187ms Script
text/plain 82.180.152.239
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.luninging.top/Meta_files/bootstrap.min.js.download

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

82.180.152.239 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://lunar.luninging.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 15:04:47 GMT
server: LiteSpeed
etag: "e2d8-65e7348f-f41dd86b7794758e;br"
vary: Accept-Encoding
content-type: text/plain
accept-ranges: bytes
platform: hostinger
content-length: 14557

OPTIONS
H2 200 ip
ipapi.co/ 0
0 793ms
329ms Preflight
text/html 172.67.69.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/ip

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://lunar.luninging.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://lunar.luninging.top
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 85fb03b9eacf4727-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 15:07:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSNL5GPRM1V87NJXIhLr8AprXre59rys%2BMnZSCiPU9ZMXBtyJB9%2Ba6a%2BMoDYEsDHt8LF50jGXb9OPqYysys0VXf9VB6SnTvGjFBVIhhtOlU11jnh7RZNOflg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
x-content-type-options: nosniff

GET
H2 200 ip Show response
ipapi.co/ 14 B
350 B 337ms
337ms XHR
text/plain 172.67.69.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/ip

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/Meta_files/jquery-3.6.0.min.js.download

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87814feccd21131c075579850d2fc12943095f68ed42dc239f26734b040e7c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://lunar.luninging.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 15:07:15 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: GET, OPTIONS, HEAD, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://lunar.luninging.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3vrPLER05WgeCNzsMKl4tc6KoBVEs1cJbwACyUgi%2Fu673keKJzywqlyXU36C9MXCEmVuQq0D9K22LRnphLmLqffYf3uHq6W9OtcT%2BhmGBUp0zsy%2BaCc0nmC"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 85fb03bbfdeb4727-SIN
content-length: 14

POST modun_post.php
napasti.nanisalys.top/ 0
0

GET
H2 200 json Show response
ipinfo.io// 349 B
652 B 465ms
286ms XHR
application/json 34.117.186.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io//json?

Requested by

Host: lunar.luninging.top
URL: https://lunar.luninging.top/Meta_files/jquery-3.6.0.min.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.186.117.34.bc.googleusercontent.com

Software

nginx/1.24.0 /

Resource Hash

63871e63bb4f38a06c4006dcc14a3afc2b972c29d50f02201eb0525e21d7b84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lunar.luninging.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:07:14 GMT
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
strict-transport-security: max-age=2592000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: napasti.nanisalys.top
URL: https://napasti.nanisalys.top/modun_post.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://lunar.luninging.top/ Message: Access to XMLHttpRequest at 'https://napasti.nanisalys.top/modun_post.php' from origin 'https://lunar.luninging.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://napasti.nanisalys.top/modun_post.php Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ipapi.co
ipinfo.io
lunar.luninging.top
napasti.nanisalys.top
napasti.nanisalys.top
172.67.69.226
34.117.186.192
82.180.152.239
096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
49f22ddff2def2c5e90fdc5edb7f6158192ef0f223f1df9d2507bedf5bcd39df
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63871e63bb4f38a06c4006dcc14a3afc2b972c29d50f02201eb0525e21d7b84b
726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0
87814feccd21131c075579850d2fc12943095f68ed42dc239f26734b040e7c47
b5f049cd8c198126f1bbbf9152357d27c5cac5f498665fcac784540ff42edab1
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

lunar.luninging.top Open in urlscan Pro 82.180.152.239 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

153 kBTransfer

443 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

lunar.luninging.top Open in urlscan Pro
82.180.152.239 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

153 kB
Transfer

443 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!