Submitted URL: http://moonraft.com/
Effective URL: https://moonraft.com/
Submission: On November 19 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 2a05:d014:58f:6202::65, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is moonraft.com.
TLS certificate: Issued by E6 on September 28th 2024. Valid for: 3 months.
This is the only time moonraft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a05:d014:58f... 16509 (AMAZON-02)
2 2600:9000:235... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
3 93.184.223.240 15133 (EDGECAST)
8 5
   Apex Domain            Subdomains                                         Transfer
3  ust.com                www.ust.com                                        7 KB
2  ctfassets.net          images.ctfassets.net — Cisco Umbrella Rank: 3811   678 KB
1  jquery.com             code.jquery.com — Cisco Umbrella Rank: 847         30 KB
1  moonraft.com           moonraft.com                                       3 KB
0  hs-scripts.com Failed  js.hs-scripts.com Failed
8  5
Domain Requested by
3 www.ust.com moonraft.com
2 images.ctfassets.net moonraft.com
1 code.jquery.com moonraft.com
1 moonraft.com
0 js.hs-scripts.com Failed moonraft.com
8 5

This site contains links to these domains.

Domain
www.ust.com
Subject               Issuer                                          Validity                 Valid
*.moonraft.com        E6                                              2024-09-28 - 2024-12-27  3 months
images.ctfassets.net  Amazon RSA 2048 M02                             2024-11-18 - 2025-12-16  a year
*.jquery.com          Sectigo ECC Domain Validation Secure Server CA  2024-06-25 - 2025-06-25  a year
ust.com               Sectigo RSA Domain Validation Secure Server CA  2023-11-08 - 2024-12-08  a year

This page contains 1 frames:

Primary Page: https://moonraft.com/
Frame ID: 449A5BA6CE424CCD35C019AA98461DA8
Requests: 8 HTTP requests in this frame

Page Title

UST Evolve

Page URL History

  1. http://moonraft.com/ HTTP 307
    https://moonraft.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8 Requests
88 % HTTPS
75 % IPv6
5 Domains
5 Subdomains
5 IPs
3 Countries
718 kB Transfer
791 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://moonraft.com/ HTTP 307
    https://moonraft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
moonraft.com/
Redirect Chain
  • http://moonraft.com/
  • https://moonraft.com/
6 KB
3 KB
Document
General
Full URL
https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
ad2fc43af579c7ea2a580ebb64c7b10872b676b6fa1eed6ce457f10deb672d0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with, X-Accept-Charset,X-Accept,Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-methods
POST, GET, OPTIONS, HEAD
access-control-allow-origin
*
age
0
cache-control
public,max-age=1296000
cache-status
"Netlify Edge"; fwd=miss
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Tue, 19 Nov 2024 05:34:21 GMT
etag
"dbce8705e6d20669796f438f8d63327c-ssl-df"
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
referrer-policy
same-origin
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-nf-request-id
01JD1EM9BZTJPWSYACTY7T5D7C
x-xss-protection
1; mode=block

Redirect headers

Location
https://moonraft.com/
Non-Authoritative-Reason
HttpsUpgrades
hs.jpg
images.ctfassets.net/d0t1b8j9k0xb/5ryqqqc9G3yxPkCjH8on0f/fb7fe12f7e41ed0ca1b051f5188255fa/
675 KB
676 KB
Image
General
Full URL
https://images.ctfassets.net/d0t1b8j9k0xb/5ryqqqc9G3yxPkCjH8on0f/fb7fe12f7e41ed0ca1b051f5188255fa/hs.jpg?fm=webp&q=50
Requested by
Host: moonraft.com
URL: https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a4cf045ff62757428f6bee01595df24fb72d9c3d7331c632f35d7c189508fe1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=31536000
etag
"0450d2668e186e43cf56bdc905a42a18"
age
12616
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
691072
x-amz-cf-id
fWzvfZwo4Qx_MwhxY19Hb_hdH7K68cDqG-jy8cxY-dxuZyxAGxlw9A==
date
Tue, 19 Nov 2024 02:04:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 11:45:52 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: moonraft.com
URL: https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://moonraft.com
Referer

Response headers

content-encoding
gzip
etag
W/"28feccc0-155ed"
age
4137505
x-cache
HIT, HIT
date
Tue, 19 Nov 2024 05:34:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
332074, 381725
x-served-by
cache-lga21978-LGA, cache-mxp6925-MXP
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1731994462.852067,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30336
server
nginx
mr_footer_new.svg
images.ctfassets.net/d0t1b8j9k0xb/4ZbemILrWYQj4KmbmiSZrT/b47cb27b66d52100702f0f54521980b5/
5 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/d0t1b8j9k0xb/4ZbemILrWYQj4KmbmiSZrT/b47cb27b66d52100702f0f54521980b5/mr_footer_new.svg
Requested by
Host: moonraft.com
URL: https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
f0d95512fd5f9b2e7f555b7e109a744138a5e6cdac67835b4d79f6b38e8aa806

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"78a84abcb9e4eef39639cf8b415447c5"
via
1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
7VtZQRiMJk5bGeJuTYK-Javk_zlPZwCYh2i51IY-Xg9dG4weCFjFNg==
date
Tue, 19 Nov 2024 05:34:22 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Aug 2021 04:39:18 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
ust-white-logo.svg
www.ust.com/content/dam/ust/images/logos/
1 KB
2 KB
Image
General
Full URL
https://www.ust.com/content/dam/ust/images/logos/ust-white-logo.svg
Requested by
Host: moonraft.com
URL: https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.223.240 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/66A2) /
Resource Hash
9b0a2292825c27066f2337ade8363615af521c09dde91ead80f72f918de508ac
Security Headers
Name Value
Content-Security-Policy frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-vhost
publish
etag
"498-621e793607c80-gzip"
age
63497
x-content-type-options
nosniff
x-cache
HIT
date
Tue, 19 Nov 2024 05:34:22 GMT
content-disposition
attachment; filename="ust-white-logo.svg"
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 12 Sep 2024 08:05:54 GMT
x-frame-options
ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
cache-control
max-age=31536000, public,s-maxage=31536000
x-dispatcher
dispatcher1eastus2-28575182
x-ex-rules
5.96
accept-ranges
bytes
access-control-allow-origin
https://ust.com
content-length
637
x-xss-protection
1; mode=block
server
ECAcc (frb/66A2)
Footer-Logo.png
www.ust.com/content/dam/ust/images/logos/
3 KB
3 KB
Image
General
Full URL
https://www.ust.com/content/dam/ust/images/logos/Footer-Logo.png
Requested by
Host: moonraft.com
URL: https://moonraft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.223.240 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6721) /
Resource Hash
f1f65f64fac98c999e0f40213048a7d1997c3ceb15784f7d533446a08d6062ae
Security Headers
Name Value
Content-Security-Policy frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-vhost
publish
etag
"d36-5d8479d4e8640"
age
58916
x-content-type-options
nosniff
x-cache
HIT
date
Tue, 19 Nov 2024 05:34:22 GMT
content-disposition
inline
content-type
image/png
last-modified
Fri, 18 Feb 2022 09:36:17 GMT
x-frame-options
ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
cache-control
max-age=31536000, public,s-maxage=31536000
x-dispatcher
dispatcher2eastus2-28593843
x-ex-rules
5.96
accept-ranges
bytes
access-control-allow-origin
https://ust.com
content-length
3382
x-xss-protection
1; mode=block
server
ECAcc (frb/6721)
3451723.js
js.hs-scripts.com/
0
0

favicon.ico
www.ust.com/etc.clientlibs/global/clientlibs/clientlib-base/resources/images/
15 KB
2 KB
Other
General
Full URL
https://www.ust.com/etc.clientlibs/global/clientlibs/clientlib-base/resources/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.223.240 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67BB) /
Resource Hash
000328297b75266bf1d520db9571769253dcb080fb03a7b67191db1725e19565
Security Headers
Name Value
Content-Security-Policy frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-vhost
publish
etag
"3c2e-5d4f887455880-gzip"
age
63495
x-content-type-options
nosniff
x-cache
HIT
date
Tue, 19 Nov 2024 05:34:22 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 07 Jan 2022 06:59:30 GMT
vary
Accept-Encoding
x-frame-options
ALLOW-FROM https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com
strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
frame-src https://privacyassure.force.com https://sbx-privacyassure.cs219.force.com https://www.youtube-nocookie.com https://www.google.com https://www.facebook.com https://forms.hsforms.com https://www.youtube.com https://ustglobalinc.jifflenow.com https://js.hsforms.net https://view.ceros.com https://player.vimeo.com https://download-video.akamaized.net https://app.hubspot.com https://vars.hotjar.com https://ustglobal.demdex.net https://app.hubspot.com https://13505543.fls.doubleclick.net https://s.company-target.com https://td.doubleclick.net https://form.typeform.com https://resources.digital-cloud-west.medallia.com; frame-ancestors 'self'
cache-control
max-age=31536000, public,s-maxage=31536000
x-dispatcher
dispatcher1eastus2-28575182
x-ex-rules
5.96
accept-ranges
bytes
access-control-allow-origin
https://ust.com
content-length
1910
x-xss-protection
1; mode=block
server
ECAcc (frb/67BB)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hs-scripts.com
URL
https://js.hs-scripts.com/3451723.js

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block