www.lunarmadness.fr Open in urlscan Pro
141.95.147.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.lunarmadness.fr/
Effective URL:
https://www.lunarmadness.fr/
Submission Tags: phishingrod
Submission: On May 29 via api (May 29th 2023, 10:47:30 pm UTC) from DE — Scanned from FR

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 141.95.147.190, located in France and belongs to OVH, FR. The main domain is www.lunarmadness.fr.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 14th 2023. Valid for: 3 months.

This is the only time www.lunarmadness.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	141.95.147.190 141.95.147.190	16276 (OVH) (OVH)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
7	3

5 141.95.147.190 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: serveur.fra13.ex2.cloud

mail.lunarmadness.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lunarmadness.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	lunarmadness.fr 1 redirects mail.lunarmadness.fr www.lunarmadness.fr	70 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2626	8 KB
7	2

	Domain	Requested by
4	www.lunarmadness.fr	www.lunarmadness.fr
2	stats.wp.com	www.lunarmadness.fr
1	mail.lunarmadness.fr	1 redirects
7	3

This site contains no links.

Subject Issuer	Validity	Valid
lunarmadness.fr cPanel, Inc. Certification Authority	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.lunarmadness.fr/
Frame ID: 8FBED623B70AE5E829A52577CE103370
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mail.lunarmadness.fr/ HTTP 301
https://www.lunarmadness.fr/ Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

85 kB
Transfer

234 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.lunarmadness.fr/ HTTP 301
https://www.lunarmadness.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.lunarmadness.fr/ Redirect Chain https://mail.lunarmadness.fr/ https://www.lunarmadness.fr/	109 KB 24 KB	49ms 34ms	Document text/html	141.95.147.190 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lunarmadness.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.147.190 , France, ASN16276 (OVH, FR), Reverse DNS serveur.fra13.ex2.cloud Software LiteSpeed / Resource Hash `5847c20e6ed6279b228be827ea75fd54f2376e99ad2bdddf3ff86648ab152231` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Mon, 29 May 2023 22:47:17 GMT etag "43-1685215446;br" link <https://www.lunarmadness.fr/wp-json/>; rel="https://api.w.org/" <https://www.lunarmadness.fr/wp-json/wp/v2/pages/231>; rel="alternate"; type="application/json" <https://wp.me/P8ga62-3J>; rel=shortlink p3p CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM" server LiteSpeed vary Accept-Encoding,User-Agent x-dns-prefetch-control on x-litespeed-cache hit Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding gzip content-length 20 content-type text/html; charset=UTF-8 date Mon, 29 May 2023 22:47:17 GMT location https://www.lunarmadness.fr/ p3p CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM" server LiteSpeed vary Accept-Encoding,User-Agent x-dns-prefetch-control on x-litespeed-cache miss x-redirect-by WordPress
GET H2	200	35a21f3986680707f74c09773ab403ba.css www.lunarmadness.fr/wp-content/litespeed/ucss/	82 KB 32 KB	20ms 19ms	Stylesheet text/css	141.95.147.190 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lunarmadness.fr/wp-content/litespeed/ucss/35a21f3986680707f74c09773ab403ba.css?ver=8982f Requested by Host: www.lunarmadness.fr URL: https://www.lunarmadness.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.147.190 , France, ASN16276 (OVH, FR), Reverse DNS serveur.fra13.ex2.cloud Software LiteSpeed / Resource Hash `23106f201af45d19b48a0159c74f2f5a861d5e6a7a4484cee20b41c22fa5b562` Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.lunarmadness.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 22:47:17 GMT content-encoding br last-modified Sun, 05 Sep 2021 14:52:12 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 33012 expires Mon, 05 Jun 2023 22:47:17 GMT
GET H2	200	s-202321.js Show response stats.wp.com/	9 KB 4 KB	66ms 19ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/s-202321.js Requested by Host: www.lunarmadness.fr URL: https://www.lunarmadness.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash `7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1` Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.lunarmadness.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-nc HIT cdg date Mon, 29 May 2023 22:47:17 GMT content-encoding br last-modified Fri, 19 May 2023 01:47:28 GMT server nginx etag W/"6466d530-2494" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 20 May 2024 22:17:55 GMT
GET H2	200	e-202321.js Show response stats.wp.com/	13 KB 4 KB	26ms 19ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202321.js Requested by Host: www.lunarmadness.fr URL: https://www.lunarmadness.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash `ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543` Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.lunarmadness.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-nc HIT cdg date Mon, 29 May 2023 22:47:17 GMT content-encoding br last-modified Fri, 19 May 2023 01:47:28 GMT server nginx etag W/"6466d530-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 19 May 2024 22:07:19 GMT
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4047fc5f089a1439aa1ad8a9e72ae593c4e3745037c5265cf1abf0f06f8c622f` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `627e06c8c31eb004407fb7548a4c53dbd0c2ecddfdc14d671926ddc6d187bb12` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	165 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c964bd5912b4202830c312fb841eb7a26bd14476e172c43042329921e037b6f3` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	165 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `96f5d4b63628fb196bd9b8b9941cf7007b20172b6469fa896fd22a63a22272ce` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	165 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `89af738f2bb2ecba04ddd7a5ce76bba79b3a5f0a7ff0f9164e756949b34f8f5d` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `71f65893b677d05e154914cc80b00092780e4db9f8a78f459126d33f945dfd5e` Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	guest.vary.php Show response www.lunarmadness.fr/wp-content/plugins/litespeed-cache/	16 B 192 B	53ms 53ms	Fetch text/html	141.95.147.190 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lunarmadness.fr/wp-content/plugins/litespeed-cache/guest.vary.php Requested by Host: www.lunarmadness.fr URL: https://www.lunarmadness.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.147.190 , France, ASN16276 (OVH, FR), Reverse DNS serveur.fra13.ex2.cloud Software LiteSpeed / Resource Hash `76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb` Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.lunarmadness.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-litespeed-cache-control no-cache content-encoding gzip date Mon, 29 May 2023 22:47:17 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	7 KB 7 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c` Request headers Referer Origin https://www.lunarmadness.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	cropped-LunarMadness_logo_white.png www.lunarmadness.fr/wp-content/uploads/2021/09/	13 KB 13 KB	21ms 21ms	Image image/png	141.95.147.190 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.lunarmadness.fr/wp-content/uploads/2021/09/cropped-LunarMadness_logo_white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.147.190 , France, ASN16276 (OVH, FR), Reverse DNS serveur.fra13.ex2.cloud Software LiteSpeed / Resource Hash `cf0d94d7ce87e2ff0e5efb2e02a99d8c6cbe4ed69a5b50d8d2f6d3f4731b2744` Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.lunarmadness.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 22:47:17 GMT last-modified Sun, 05 Sep 2021 11:11:56 GMT server LiteSpeed vary User-Agent content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 12951 expires Mon, 05 Jun 2023 22:47:17 GMT
GET		/ www.lunarmadness.fr/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.lunarmadness.fr
URL: https://www.lunarmadness.fr/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lunarmadness.fr/	1970-01-20 21:46:00	Name: tk_or Value: %22%22
.lunarmadness.fr/	1970-01-20 12:14:19	Name: tk_r3d Value: %22%22
.lunarmadness.fr/	1970-01-20 20:55:36	Name: tk_lr Value: %22%22
www.lunarmadness.fr/	1970-01-20 12:12:53	Name: _lscache_vary Value: 8f124518f0d5454c32d19add430f525e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mail.lunarmadness.fr
stats.wp.com
www.lunarmadness.fr
www.lunarmadness.fr
141.95.147.190
192.0.76.3
23106f201af45d19b48a0159c74f2f5a861d5e6a7a4484cee20b41c22fa5b562
4047fc5f089a1439aa1ad8a9e72ae593c4e3745037c5265cf1abf0f06f8c622f
5847c20e6ed6279b228be827ea75fd54f2376e99ad2bdddf3ff86648ab152231
627e06c8c31eb004407fb7548a4c53dbd0c2ecddfdc14d671926ddc6d187bb12
71f65893b677d05e154914cc80b00092780e4db9f8a78f459126d33f945dfd5e
76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1
89af738f2bb2ecba04ddd7a5ce76bba79b3a5f0a7ff0f9164e756949b34f8f5d
96f5d4b63628fb196bd9b8b9941cf7007b20172b6469fa896fd22a63a22272ce
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
c964bd5912b4202830c312fb841eb7a26bd14476e172c43042329921e037b6f3
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf0d94d7ce87e2ff0e5efb2e02a99d8c6cbe4ed69a5b50d8d2f6d3f4731b2744

www.lunarmadness.fr Open in urlscan Pro 141.95.147.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

85 kBTransfer

234 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Indicators

www.lunarmadness.fr Open in urlscan Pro
141.95.147.190 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

85 kB
Transfer

234 kB
Size

4
Cookies

7 HTTP transactions
7 data transactions