urlscan.io logo urlscan.io
SecurityTrails logo

moya.us Open in urlscan Pro
104.21.16.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Effective URL: https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Submission: On December 15 via api from RU — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is moya.us.
TLS certificate: Issued by E5 on December 2nd 2024. Valid for: 3 months.
This is the only time moya.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.21.16.1 13335 (CLOUDFLAR...)
3 142.251.167.94 15169 (GOOGLE)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 173.194.204.94 15169 (GOOGLE)
8 4
Apex Domain
Subdomains		 Transfer
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1188
2 KB
3 moya.us
moya.us
4 KB
1 gstatic.com
www.gstatic.com
216 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
8 4
Domain Requested by
3 www.recaptcha.net moya.us
www.gstatic.com
3 moya.us static.cloudflareinsights.com
1 www.gstatic.com www.recaptcha.net
1 static.cloudflareinsights.com moya.us
8 4

This site contains no links.

Subject Issuer Validity Valid
moya.us
E5		 2024-12-02 -
2025-03-02		 3 months crt.sh
misc.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Frame ID: 5B6801E1968207F0FD5507C6666D582D
Requests: 6 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcC38UUAAAAAG3VR2KPGdlym_PWAPIfwqjIMs2L&co=aHR0cHM6Ly9tb3lhLnVzOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=7lv0lx3p9j4r
Frame ID: 78E06FD4C461D95CF26168D7AE44338F
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcC38UUAAAAAG3VR2KPGdlym_PWAPIfwqjIMs2L
Frame ID: 6DC800DD2F2BAFC484DF8430CC5E543D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bot Verification

Page URL History Show full URLs

  1. http://moya.us/biqkhybuvmqs/x1mfbz030z.zip HTTP 307
    https://moya.us/biqkhybuvmqs/x1mfbz030z.zip Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

229 kB
Transfer

574 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://moya.us/biqkhybuvmqs/x1mfbz030z.zip HTTP 307
    https://moya.us/biqkhybuvmqs/x1mfbz030z.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request x1mfbz030z.zip
moya.us/biqkhybuvmqs/
Redirect Chain
  • http://moya.us/biqkhybuvmqs/x1mfbz030z.zip
  • https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0669805bced507e7a688745aa05dcf02768f116eb39ef1c79617bf14554469
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache,no-store
cf-cache-status
BYPASS
cf-ray
8f244ec3ba5a07f2-IAD
content-encoding
zstd
content-type
text/html
date
Sun, 15 Dec 2024 06:16:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPhgSGP%2BWMUv0VyHOa1f0dKvgGvOu9XjaU%2F221LrbxdqJLJXBP8BsQp4A1WP%2BFcgd4wOwcRerM42NvJidW2KR3WFUFt%2BPU1J4h1kZKoU4XaGXdmbAhqpopLt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="BYPASS"
vary
Accept-Encoding,Origin
x-cache-status
MISS
x-edge-location
WPX CLOUD/ASH01
x-frame-options
SAMEORIGIN
x-quic
h3
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Non-Authoritative-Reason
HttpsUpgrades
api.js
www.recaptcha.net/recaptcha/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: moya.us
URL: https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
ESF /
Resource Hash
03a045fe259765d27ca2170d6eb9ea36be8f51d8fbca025ba85f3d92223b9c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://moya.us/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 06:16:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 15 Dec 2024 06:16:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: moya.us
URL: https://moya.us/biqkhybuvmqs/x1mfbz030z.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://moya.us
Referer
https://moya.us/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f244ec4cadfc5c2-IAD
access-control-allow-origin
*
date
Sun, 15 Dec 2024 06:16:55 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		547 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.204.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f94.1e100.net
Software
sffe /
Resource Hash
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://moya.us
Referer
https://moya.us/

Response headers

content-encoding
gzip
age
344134
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 06:41:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 06:41:21 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220882
x-xss-protection
0
server
sffe
anchor
www.recaptcha.net/recaptcha/api2/ Frame 78E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcC38UUAAAAAG3VR2KPGdlym_PWAPIfwqjIMs2L&co=aHR0cHM6Ly9tb3lhLnVzOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=7lv0lx3p9j4r
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OJmacgkJCpwgKfoRxFpWmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moya.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OJmacgkJCpwgKfoRxFpWmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 06:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
rum
moya.us/cdn-cgi/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moya.us/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://moya.us/biqkhybuvmqs/x1mfbz030z.zip

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST,OPTIONS
cf-ray
8f244ec73a6407f2-IAD
access-control-allow-origin
https://moya.us
date
Sun, 15 Dec 2024 06:16:56 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
moya.us/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://moya.us/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4380dccef55f2333d94d3418ab8cf6f3bd33089c1b76b3fab6833984cd515881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://moya.us/biqkhybuvmqs/x1mfbz030z.zip

Response headers

content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLf1sWKMVYcoWIRw343UbWdfMrxpivf8BYlVtGGx%2Bt9PV%2ByDUZBZGFRJKbvHAkikgekQPuVFEzFoamDkRyJ8imYYnS0rW5CgKeASB%2Bio6GKlCi74ngY70HUX"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Sun, 15 Dec 2024 06:16:56 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 08 May 2024 10:34:06 GMT
wpx
1,1
vary
Accept-Encoding,Origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://moya.us/
x-edge-location
WPX CLOUD/ASH01
cache-control
public, max-age=14400
cf-ray
8f244ec73a6507f2-IAD
x-turbo-charged-by
LiteSpeed
server
cloudflare
bframe
www.recaptcha.net/recaptcha/api2/ Frame 6DC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcC38UUAAAAAG3VR2KPGdlym_PWAPIfwqjIMs2L
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fp81GHwv0JCMEjATKDDFTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://moya.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fp81GHwv0JCMEjATKDDFTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 06:16:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| onSubmit function| onloadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __cfBeacon object| recaptcha object| closure_lm_79211

1 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AJNbFncmZP8ELJOBjbCEAE6w2DvaZCJPGh1Un00fa6NPXceRnFzIibRk0oaCg2HBSf5ya5JxfBwOR_gAXFNKJAg

1 Console Messages

Source Level URL
Text
network error URL: https://moya.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN