URL: https://moth-api-staging.lunar.build/
Submission Tags: phishingrod
Submission: On September 30 via api from DE — Scanned from GB

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 209.97.187.223, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is moth-api-staging.lunar.build.
TLS certificate: Issued by E5 on September 30th 2024. Valid for: 3 months.
This is the only time moth-api-staging.lunar.build was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 209.97.187.223 14061 (DIGITALOC...)
5 1
Apex Domain
Subdomains
Transfer
5 lunar.build
moth-api-staging.lunar.build
87 KB
5 1
Domain Requested by
5 moth-api-staging.lunar.build moth-api-staging.lunar.build
5 1

This site contains no links.

Subject Issuer Validity Valid
moth-api-staging.lunar.build
E5
2024-09-30 -
2024-12-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://moth-api-staging.lunar.build/
Frame ID: 56293EADCCCD4A5DF5FFBB094EFEB0DD
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Moth Q1 Synth API

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <[^>]{1,512}\bwire:
  • livewire(?:\.min)?\.js

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

87 kB
Transfer

257 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
moth-api-staging.lunar.build/
8 KB
3 KB
Document
General
Full URL
https://moth-api-staging.lunar.build/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.97.187.223 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
251f40ef732a4338f83586efc3c30aed15c1c9bb8494997b8db164f6f06c6d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 03:25:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
app-CP-cMA0g.css
moth-api-staging.lunar.build/build/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://moth-api-staging.lunar.build/build/assets/app-CP-cMA0g.css
Requested by
Host: moth-api-staging.lunar.build
URL: https://moth-api-staging.lunar.build/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.97.187.223 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
88fd147be55144ab21018086158df1e8cc328068c89be19b7afa452d8ab99d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moth-api-staging.lunar.build/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"663a2bd0-138e"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Mon, 30 Sep 2024 03:25:41 GMT
content-type
text/css
last-modified
Tue, 07 May 2024 13:25:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
app-BHUIwzWU.js
moth-api-staging.lunar.build/build/assets/
106 KB
34 KB
Script
General
Full URL
https://moth-api-staging.lunar.build/build/assets/app-BHUIwzWU.js
Requested by
Host: moth-api-staging.lunar.build
URL: https://moth-api-staging.lunar.build/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.97.187.223 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
130955b091160da108f907df305c54bf717201c774b20a7651c8cbf5913b9c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://moth-api-staging.lunar.build
Referer
https://moth-api-staging.lunar.build/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"663a800f-1a9a1"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Mon, 30 Sep 2024 03:25:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 07 May 2024 19:25:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
livewire.min.js
moth-api-staging.lunar.build/livewire/
138 KB
49 KB
Script
General
Full URL
https://moth-api-staging.lunar.build/livewire/livewire.min.js?id=770f7738
Requested by
Host: moth-api-staging.lunar.build
URL: https://moth-api-staging.lunar.build/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.97.187.223 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9bc36a7989f38410509250574b77cd553765e4c10a94027bc6505a8939500921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moth-api-staging.lunar.build/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 03:25:41 GMT
date
Mon, 30 Sep 2024 03:25:41 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 02 May 2024 17:10:37 GMT
x-frame-options
SAMEORIGIN
favicon.ico
moth-api-staging.lunar.build/
0
182 B
Other
General
Full URL
https://moth-api-staging.lunar.build/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.97.187.223 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://moth-api-staging.lunar.build/

Response headers

etag
"663a2bd0-0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
date
Mon, 30 Sep 2024 03:25:42 GMT
content-type
image/x-icon
last-modified
Tue, 07 May 2024 13:25:36 GMT
server
nginx
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Livewire object| Alpine function| Pusher object| Echo function| axios

2 Cookies

Domain/Path Name / Value
moth-api-staging.lunar.build/ Name: XSRF-TOKEN
Value: eyJpdiI6IkJZME02RC95dXUxSTMyNXZIa2ZOd0E9PSIsInZhbHVlIjoiR05odFVIbTRsMXFWUUN1TkJaMGJ4TkJkQmNhZTZsbEdvVEJRRGJYMzVYdzE0dXFvSDdXR01DT3VGZlQxOHNlN3FiZnpZNGtraFc3MWNQODdiSVBZMEltalVWUHI1QWxRdi9NU2JKeWVNTXMzVlNCck52a0VqNExySURISG1jWW0iLCJtYWMiOiJhNjhmMmU4OTczNGQ5ODBiNThmMDA0NTg5YzIzNjhmZDYxYmYzZmIzMmU2MDE0YWYzOTZkOTBkY2EyZGE2MDYwIiwidGFnIjoiIn0%3D
moth-api-staging.lunar.build/ Name: laravel_session
Value: eyJpdiI6IlN0MXVXL2lnOFFuVUh6UCtIbE1XUnc9PSIsInZhbHVlIjoiRWliQzJabVFtbnJPa2RVUjkvMkRZbjdYZldwcWtrQ2VsSVJiRHR1MTc1YndXWEJZZERueFY4QlBxNmZBa1BLOXpvVVlTd25ubmQ2MDk3WXEvMlpmU1F3dTVxQS9BM3FRRWhjbks0bjNxQVA5Nm8rWURUdnhxN29EdUg4R2NGaHQiLCJtYWMiOiI4YThiNTI0NTZlN2YyZDkyZjAzZGQ4MWQxM2YxODkxYTkxNTY3ZWU0ODM5ZThhNDIxMWY3ZDY0ZjFmY2E3NzcwIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block