lunar.icu Open in urlscan Pro
2606:4700:3038::6815:ea7b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lunar.icu/
Submission Tags: phishingrod
Submission: On July 17 via api (July 17th 2024, 3:18:39 am UTC) from DE — Scanned from DE

Summary HTTP 7 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3038::6815:ea7b, located in United States and belongs to CLOUDFLARENET, US. The main domain is lunar.icu.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.

This is the only time lunar.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3038::6815:ea7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.21.234.123 104.21.234.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

2 2606:4700:3038::6815:ea7b (United States)

ASN13335 (CLOUDFLARENET, US)

lunar.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.234.123 (None, )

ASN13335 (CLOUDFLARENET, US)

lunar.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	lunar.icu lunar.icu	101 KB
7	1

	Domain	Requested by
7	lunar.icu	lunar.icu
7	1

This site contains links to these domains. Also see Links.

Domain
service.lunar.icu
3y.cx
kontakt.lunar.icu
status.lunoxia.net
lunoxia.net

Subject Issuer	Validity	Valid
lunar.icu WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lunar.icu/
Frame ID: 8993846AFB757E412DE941435CFCFA2A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Startseite | Lunar.ICU - Datenschutz hat erste Priorität!

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

101 kB
Transfer

160 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://service.lunar.icu/
Title: Service List

Search URL Search Domain Scan URL

URL: https://3y.cx/spenden
Title: Spenden / Donate

Search URL Search Domain Scan URL

URL: https://kontakt.lunar.icu/
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://status.lunoxia.net/
Title: Server Status

Search URL Search Domain Scan URL

URL: https://lunoxia.net/impressum-datenschutz.html
Title: Impressum & Datenschutz

Search URL Search Domain Scan URL

URL: https://service.lunar.icu/LunarPrivacy.pdf
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lunar.icu/ 26 KB
17 KB 127ms
78ms Document
text/html 2606:4700:3038::6815:ea7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lunar.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc48656b07590569853655a6ead89961561d3a25d63bbe9c142e10212746a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a4715e58c3eb92d-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 17 Jul 2024 03:18:35 GMT
link: </data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css>; rel=preload; as=style; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfyMIYsHkXR%2FIpADq%2BfKDqViOvl5I%2Fmjw%2BEFZVXFf1lc00c88hzqleYaRJ605q7wrxDajrvu7J0u%2F7nompTsmLwWQltTlq8IUkgOKzBBP%2Bt7cAUXhWZt7IOXMDdSOu5GuCpA7zN4kX8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-page-speed: 1
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 A.style.css.pagespeed.cf.XhyuL0N4mm.css
lunar.icu/data/css/ 3 KB
1 KB 26ms
25ms Stylesheet
text/css 2606:4700:3038::6815:ea7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunar.icu/data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214f54545a532758ff5c98b08a019fd690469f0c10e6d93c220982c882393d1e

Request headers

Referer: https://lunar.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 2666
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1565993
alt-svc: h3=":443"; ma=86400
x-page-speed: 1
last-modified: Thu, 25 Apr 2024 03:18:33 GMT
server: cloudflare
etag: W/"0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zM7ROPKmfu%2Fk%2B%2BFuKaRfMzQL9YzJ34EHqk%2Bbcy%2Fmge6Syc%2BZjJ0X4QvABnemAlOCIFRestxF2zCYnxXr9xtM3suyt%2FnpXrCGO%2BRaKzXogZxINoskYEnWOO2P1MJjI6vXiYvV8oPggAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8a4715e60c87b92d-AMS
expires: Fri, 25 Apr 2025 03:18:33 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a8da8e66b2cc3abbf5fd10f752dfeac8106027e14730e9b178d1e7a103eb2c4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df2674ed3e4eeaaee33614672017ea6e8930dc6cda9e9dd21adc8bd632ee6e88

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 1.JiBnMqyl6S.gif
lunar.icu/pagespeed_static/ 53 B
601 B 19ms
19ms Image
image/gif 104.21.234.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lunar.icu/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: lunar.icu
URL: https://lunar.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.123 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lunar.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 37347
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 30 Jun 2024 20:08:52 GMT
server: cloudflare
etag: W/"0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PvuMp%2B1%2BsQ26%2F61sR96P%2BT7qS95%2BFvb5Rsv0vcZMkg3kOjH1LJYwUmavg6IAQSJciXi%2F3k4S3iGSVr5Uy%2BrZX4kTZCtT1wEjINmJOMObpAGozMG77USrDl5h4Gw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a4715e63d2637e0-FRA

GET
H3 200 font-1.woff2
lunar.icu/data/fonts/ 22 KB
23 KB 34ms
34ms Font
application/octet-stream 104.21.234.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunar.icu/data/fonts/font-1.woff2
Requested by: Host: lunar.icu
URL: https://lunar.icu/data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Request headers

Referer: https://lunar.icu/data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css
Origin: https://lunar.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 22592
last-modified: Sat, 30 Apr 2022 19:34:38 GMT
server: cloudflare
etag: "626d8f4e-5840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVnVitDuusrLmOR41inhVNo%2BOh0Y%2B3gu8cEdtOW97QY5a2snvdVvxv8Hf%2Fu%2Fyw5fUrznSXElPULEPW97CctmUvljroru%2Bond3suYJ3sL1hTfjuYD2cQSAudg6MY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 8a4715e63d2d37e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 font-2.woff2
lunar.icu/data/fonts/ 22 KB
23 KB 35ms
35ms Font
application/octet-stream 104.21.234.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunar.icu/data/fonts/font-2.woff2
Requested by: Host: lunar.icu
URL: https://lunar.icu/data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7

Request headers

Referer: https://lunar.icu/data/css/A.style.css.pagespeed.cf.XhyuL0N4mm.css
Origin: https://lunar.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 22760
last-modified: Sat, 30 Apr 2022 19:34:38 GMT
server: cloudflare
etag: "626d8f4e-58e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfYhm1wthRSDbYUkHSkL5J4vl1R9agH8pF1Ue5VPLD5610unQnckNidr0%2BeBYNH3JA7EUHpgVSLpNpXK5E38qdZaafuHgEt7Glb%2Fi5uLzcR47QbfPmkiaMZFJqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 8a4715e63d2f37e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 xlogo.png.pagespeed.ic.LJSXemgZqy.webp
lunar.icu/data/img/ 37 KB
37 KB 21ms
20ms Image
image/webp 104.21.234.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lunar.icu/data/img/xlogo.png.pagespeed.ic.LJSXemgZqy.webp
Requested by: Host: lunar.icu
URL: https://lunar.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f1ea5cd645850edf7503be90d4d34fd2f30dda5a79762db1eb08623884eed3d

Request headers

Referer: https://lunar.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
cf-cache-status: HIT
x-original-content-length: 83444
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8071
alt-svc: h3=":443"; ma=86400
content-length: 37382
x-page-speed: 1
last-modified: Thu, 02 May 2024 16:00:50 GMT
server: cloudflare
etag: W/"0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7uOdlsfN3CHgrXr2cdrukRQSMMI3MzP%2B3bk6CrRUnqEsDYuuZ9Hiz%2FS9IwapVURMnJQKb3%2Fr2xly9x4o68SQnx6wNdHkRlp8%2B3cNQJepziIIfeueYYEAp21xB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a4715e63d2e37e0-FRA
link: <https://lunar.icu/data/img/logo.png>; rel="canonical"
expires: Fri, 02 May 2025 16:00:50 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f8db5c018a5c40bc9a8bfc4034a70548faead901b31581ac69f2a8167f86d4a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 xlogo.png.pagespeed.ic.LJSXemgZqy.webp
lunar.icu/data/img/ 37 KB
0 0ms
0ms Other
image/webp 104.21.234.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunar.icu/data/img/xlogo.png.pagespeed.ic.LJSXemgZqy.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f1ea5cd645850edf7503be90d4d34fd2f30dda5a79762db1eb08623884eed3d

Request headers

Referer: https://lunar.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 03:18:35 GMT
cf-cache-status: HIT
x-original-content-length: 83444
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8071
alt-svc: h3=":443"; ma=86400
content-length: 37382
x-page-speed: 1
last-modified: Thu, 02 May 2024 16:00:50 GMT
server: cloudflare
etag: W/"0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7uOdlsfN3CHgrXr2cdrukRQSMMI3MzP%2B3bk6CrRUnqEsDYuuZ9Hiz%2FS9IwapVURMnJQKb3%2Fr2xly9x4o68SQnx6wNdHkRlp8%2B3cNQJepziIIfeueYYEAp21xB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a4715e63d2e37e0-FRA
link: <https://lunar.icu/data/img/logo.png>; rel="canonical"
expires: Fri, 02 May 2025 16:00:50 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pagespeed

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lunar.icu
104.21.234.123
2606:4700:3038::6815:ea7b
1a8da8e66b2cc3abbf5fd10f752dfeac8106027e14730e9b178d1e7a103eb2c4
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
214f54545a532758ff5c98b08a019fd690469f0c10e6d93c220982c882393d1e
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8f8db5c018a5c40bc9a8bfc4034a70548faead901b31581ac69f2a8167f86d4a
9f1ea5cd645850edf7503be90d4d34fd2f30dda5a79762db1eb08623884eed3d
cdc48656b07590569853655a6ead89961561d3a25d63bbe9c142e10212746a20
df2674ed3e4eeaaee33614672017ea6e8930dc6cda9e9dd21adc8bd632ee6e88
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

lunar.icu Open in urlscan Pro 2606:4700:3038::6815:ea7b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

3 IPs

2 Countries

101 kBTransfer

160 kBSize

0 Cookies

6 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

lunar.icu Open in urlscan Pro
2606:4700:3038::6815:ea7b Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

101 kB
Transfer

160 kB
Size

0
Cookies

7 HTTP transactions
3 data transactions