www.citistar.top.starxexp.icu
104.128.226.6
Public Scan
Submission: On May 30 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 26th 2024. Valid for: 3 months.
This is the only time www.citistar.top.starxexp.icu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
18 | 104.128.226.6 | 7489 (HOSTUS-GLOBAL-AS HostUS) |
1 | 2a00:1450:4001:80f::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:810::2003 | 15169 (GOOGLE) |
1 | 2602:816:5001::39 | 54113 (FASTLY) |
1 | 162.247.243.29 | 54113 (FASTLY) |
24 | 6 |
ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK)
PTR: 104.128.226.6.server159.mainpacket.com
www.citistar.top.starxexp.icu | |
www.1click.io |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | starxexp.icu | www.citistar.top.starxexp.icu | 475 KB |
3 | 1click.io | www.1click.io | 232 KB |
1 | nr-data.net | bam.nr-data.net — Cisco Umbrella Rank: 245 | 571 B |
1 | newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 636 | 9 KB |
1 | gstatic.com | fonts.gstatic.com | 48 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 2 KB |
24 | 6 |
Requests | Domain | Requested by |
---|---|---|
15 | www.citistar.top.starxexp.icu | www.citistar.top.starxexp.icu |
3 | www.1click.io | www.citistar.top.starxexp.icu, www.1click.io |
1 | bam.nr-data.net | js-agent.newrelic.com |
1 | js-agent.newrelic.com | www.citistar.top.starxexp.icu |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | www.citistar.top.starxexp.icu |
24 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
timesofmalta.com |
twitter.com |
www.facebook.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mail.1click.io | R3 | 2024-04-26 - 2024-07-25 | 3 months |
upload.video.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months |
*.gstatic.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-03-21 - 2025-04-22 | a year |
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year |
This page contains 1 frames:
Primary Page:
https://www.citistar.top.starxexp.icu/
Frame ID: D3CA584CFD380B81D660D10588CA5639
Requests: 24 HTTP requests in this frame
Screenshot
![](/screenshots/3d67579e-5ce7-41d5-8b6e-8f69348cd691.png)
Page Title
1click - Take Control of Your Social Connections
Detected technologies
LocomotiveCMS
Detected patterns
- <link[^>]*/sites/[a-z\d]{24}/theme/stylesheets
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | www.citistar.top.starxexp.icu/ | 21 KB | 21 KB | Document | text/html |
GET H/1.1 | fox.css | www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/ | 41 KB | 41 KB | Stylesheet | text/css |
GET H2 | css | fonts.googleapis.com/ | 22 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | background-poster-video.jpg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 139 KB | 139 KB | Image | image/jpeg |
GET H/1.1 | laptop.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 42 KB | 43 KB | Image | image/svg+xml |
GET H/1.1 | workflow.jpg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 75 KB | 75 KB | Image | image/jpeg |
GET H/1.1 | search.jpg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 90 KB | 90 KB | Image | image/jpeg |
GET H/1.1 | benefits-startup.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 3 KB | 3 KB | Image | image/svg+xml |
GET H/1.1 | benefits-retailers.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 3 KB | 3 KB | Image | image/svg+xml |
GET H/1.1 | benefits-financial.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 2 KB | 2 KB | Image | image/svg+xml |
GET H/1.1 | benefits-telcos.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 4 KB | 4 KB | Image | image/svg+xml |
GET H/1.1 | benefits-agencies.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 6 KB | 6 KB | Image | image/svg+xml |
GET H/1.1 | dynamic-qr.jpeg | www.citistar.top.starxexp.icu/ | 59 KB | 59 KB | Image | image/jpeg |
GET H/1.1 | icon-twitter.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/ | 873 B | 1 KB | Image | image/svg+xml |
GET H/1.1 | icon-facebook.svg | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/ | 495 B | 704 B | Image | image/svg+xml |
GET H/1.1 | main.js | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/javascripts/ | 13 KB | 13 KB | Script | application/javascript |
GET H/1.1 | background-poster-video.jpg | www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 139 KB | 139 KB | Image | image/jpeg |
GET H/1.1 | background-team.jpg | www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/ | 51 KB | 52 KB | Image | image/jpeg |
GET | 2B5A61_2_0.woff | www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/ | 0 | 0 | | |
GET H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | 47 KB | 48 KB | Font | font/woff2 |
GET | 2B5A61_2_0.ttf | www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/ | 0 | 0 | | |
GET H2 | nr-632.min.js | js-agent.newrelic.com/ | 22 KB | 9 KB | Script | application/javascript |
GET H/1.1 | favicon.ico | www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/assets/5406dc765918add2f500114e/ | 15 KB | 15 KB | Other | image/x-icon |
GET H/1.1 | d636e818b2 | bam.nr-data.net/1/ | 79 B | 571 B | Script | text/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.1click.io
- URL
- https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.woff
- Domain
- www.1click.io
- URL
- https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.ttf
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| NREUM
- object| newrelic
- function| __nr_require
- function| signup
- function| dw_getScrollOffsets
- function| openPopup
- function| createCookie
- function| readCookie
- function| getURLParameter
- function| hasClass
- function| addClass
- function| removeClass
- function| toggleClass
- function| getNextElementSibling
- undefined| video
- object| navMobile
- object| mainNav
- object| loadMore
- object| more
- object| medium
- object| source
- object| campaign
- object| readMedium
- object| readSource
- object| readCampaign
- object| smoothScroll
- object| analytics

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.