www.citistar.top.starxexp.icu Open in urlscan Pro
104.128.226.6  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.citistar.top.starxexp.icu/	21 KB 21 KB	853ms 156ms	Document text/html	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 501ec9c7d97b9f0f4f34b707b6518f48e8be672836c6910de6903def7e7a008c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection close Content-Length 21342 Content-Type text/html Date Thu, 30 May 2024 16:37:24 GMT Last-Modified Mon, 27 May 2024 11:34:54 GMT Server Apache
GET H/1.1	200 OK	fox.css www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/	41 KB 41 KB	1138ms 140ms	Stylesheet text/css	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/fox.css?bc0ee868233295c748af7381462494a8 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash a0d1e3aa503768af043511f31971dc6510bd8750d2bc31cd6b7a9c8fb8e690ac Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:16:26 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 41680 Content-Type text/css
GET H2	200	css fonts.googleapis.com/	22 KB 2 KB	74ms 28ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300,600 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2f055e95770a16540e9ab983d28b4ba02c3f60e4c0e5b1f74f109ba161a660a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 30 May 2024 16:37:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 30 May 2024 16:37:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 30 May 2024 16:37:25 GMT
GET H/1.1	200 OK	background-poster-video.jpg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	139 KB 139 KB	415ms 140ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/background-poster-video.jpg?372138047ea27a8bb361e89213a5dda7 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash e59187d4ede72414808c177d0d1e3f7f4949bf93b51e0a88afaa86dea4229e92 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 14:09:50 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 142391 Content-Type image/jpeg
GET H/1.1	200 OK	laptop.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	42 KB 43 KB	419ms 141ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/laptop.svg?c58beba7ea63199c8c1a7b8c567ea3f7 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash beb10d0523d26ee78ed92bd674a19acbf926787fc079e8fd599f856f7c9db163 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 17:13:34 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 43327 Content-Type image/svg+xml
GET H/1.1	200 OK	workflow.jpg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	75 KB 75 KB	420ms 142ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/workflow.jpg?43d58405649df7ccee6389ac2411a068 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 028663e2d5fa9cb339acc99f74f51aaeebf685a4016ba4e1d119cccf880bab78 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 14:16:18 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 76819 Content-Type image/jpeg
GET H/1.1	200 OK	search.jpg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	90 KB 90 KB	423ms 143ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/search.jpg?9c6de025527681608ac79adfb254099e Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 3bbe0400abb30926575c4f8ca56e7a570aa473aeefb4a784051290061d36b06f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 17:13:26 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 91952 Content-Type image/jpeg
GET H/1.1	200 OK	benefits-startup.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	3 KB 3 KB	418ms 140ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/benefits-startup.svg?71f9b68dd5e4e87b2aacd3d0ef0fbdd4 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 46435da938b27c15c74d11adc4765e8909354ae2b388e4529266c7def20beb0b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 14:13:58 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 2565 Content-Type image/svg+xml
GET H/1.1	200 OK	benefits-retailers.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	3 KB 3 KB	836ms 141ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/benefits-retailers.svg?937695ff749a1ab3b682e89be4fc80f5 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 2d709190d155f3fd692d36e1e8551d7753064b66afa1e028c7a8004206a4361a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 17:13:32 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 3235 Content-Type image/svg+xml
GET H/1.1	200 OK	benefits-financial.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	2 KB 2 KB	419ms 142ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/benefits-financial.svg?676c7736d6fd0c69c6101cbf13b5ef5a Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 0109aecba761dec302a48553c77ce40e3ec5f219ab7ac3f6c58387ae09c57dcc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:13:48 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 2309 Content-Type image/svg+xml
GET H/1.1	200 OK	benefits-telcos.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	4 KB 4 KB	421ms 142ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/benefits-telcos.svg?6107e662049c9d10f01ea5ffe4b9a04a Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash ee6dd57eeefa588d74127f78b09ace89f53635bcafd1028393c029c07e9fafb1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:16:14 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 3646 Content-Type image/svg+xml
GET H/1.1	200 OK	benefits-agencies.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/	6 KB 6 KB	427ms 144ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/benefits-agencies.svg?c1a451a5acff2e5a076c84932f143f28 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 5753cadf8c0ac4552c27f5622322821c36c98a9cf30bea62275bd577b085df88 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:12:34 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 5716 Content-Type image/svg+xml
GET H/1.1	200 OK	dynamic-qr.jpeg www.citistar.top.starxexp.icu/	59 KB 59 KB	417ms 141ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/dynamic-qr.jpeg Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash d95273890b1b350bf57b54c10521b18db152abf4a82c729c247a1306b6baf2e6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Sat, 23 Sep 2023 20:00:19 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 60411 Content-Type image/jpeg
GET H/1.1	200 OK	icon-twitter.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/	873 B 1 KB	413ms 139ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/icon-twitter.svg?e204601888ae7e6ecac971a64937882c Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash cfad80141e75860a6db00b4ff7485dd7a8e621a2ba09d6ba5f3a42b669f6f66f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:20:40 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 873 Content-Type image/svg+xml
GET H/1.1	200 OK	icon-facebook.svg www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/	495 B 704 B	413ms 140ms	Image image/svg+xml	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/images/icons/icon-facebook.svg?8b37470dbe18387bd61cd7be574b68a7 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash cca390172e622bba6d82f5d624e81adb67620a705714cf12b6415f73b6d3e32f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:12:40 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 495 Content-Type image/svg+xml
GET H/1.1	200 OK	main.js Show response www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/javascripts/	13 KB 13 KB	417ms 146ms	Script application/javascript	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/theme/javascripts/main.js?8d8ef539457557b1d63e9bff8066bcb1 Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 397770b371bbeeee74abd65f70ecbe43d68621930b5ba4beaa61558e22453fd3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:25 GMT Last-Modified Tue, 19 Sep 2023 15:22:39 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 13246 Content-Type application/javascript
GET H/1.1	200 OK	background-poster-video.jpg www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/	139 KB 139 KB	413ms 140ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/background-poster-video.jpg?1426254103 Requested by Host: www.1click.io URL: https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/fox.css?bc0ee868233295c748af7381462494a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash e59187d4ede72414808c177d0d1e3f7f4949bf93b51e0a88afaa86dea4229e92 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/fox.css?bc0ee868233295c748af7381462494a8 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:09:50 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 142391 Content-Type image/jpeg
GET H/1.1	200 OK	background-team.jpg www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/	51 KB 52 KB	419ms 142ms	Image image/jpeg	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/images/background-team.jpg?1426254103 Requested by Host: www.1click.io URL: https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/fox.css?bc0ee868233295c748af7381462494a8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 36ded8d29d05acd4bd86a51e29041afec5f135c9fd8de47d33c1453bc2cf0bb3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/stylesheets/fox.css?bc0ee868233295c748af7381462494a8 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:26 GMT Last-Modified Tue, 19 Sep 2023 14:12:02 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 52626 Content-Type image/jpeg
GET		2B5A61_2_0.woff www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/	0 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	67ms 20ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://www.citistar.top.starxexp.icu Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 22:45:56 GMT x-content-type-options nosniff age 496290 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 24 May 2025 22:45:56 GMT
GET		2B5A61_2_0.ttf www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/	0 0
GET H2	200	nr-632.min.js Show response js-agent.newrelic.com/	22 KB 9 KB	63ms 19ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-632.min.js Requested by Host: www.citistar.top.starxexp.icu URL: https://www.citistar.top.starxexp.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c28f3fcfa4e839d67ed83a489ca461cf6c3182c47d1a35e7eb719deba23f9106 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id OcEJW9CM5EOBosjPj0gqv19ctkwz7tIl content-encoding br via 1.1 varnish date Thu, 30 May 2024 16:37:27 GMT strict-transport-security max-age=300 x-amz-request-id 0YX0H31M6SWV6RWM x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 8922 x-amz-id-2 2vN2jzkmign4lp3y3OAtwLvR1BaPkKKfxhDj6/4f10+ciRsa5L3MhoE2Grp3aI//o3lRCZrIMfo= x-served-by cache-fra-eddf8230029-FRA last-modified Wed, 18 Oct 2023 21:00:22 GMT server AmazonS3 etag "f9cdcb1e4b2be3825b6dfcbd33deff25" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 17
GET H/1.1	200 OK	favicon.ico www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/assets/5406dc765918add2f500114e/	15 KB 15 KB	418ms 141ms	Other image/x-icon	104.128.226.6 HOSTUS-GLOBAL-AS ...
General Check archive.org Show headers Download Go to Full URL https://www.citistar.top.starxexp.icu/sites/53a1549d2c1cc48a4d0000c7/assets/5406dc765918add2f500114e/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.128.226.6 Charlotte, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK), Reverse DNS 104.128.226.6.server159.mainpacket.com Software Apache / Resource Hash 53d75543d5ba666db9d498bb969b60bac90debdfcee7bc1e1dfabee4c13f2939 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 30 May 2024 16:37:27 GMT Last-Modified Tue, 19 Sep 2023 14:16:32 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 15086 Content-Type image/x-icon
GET H/1.1	200	d636e818b2 Show response bam.nr-data.net/1/	79 B 571 B	635ms 577ms	Script text/javascript	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/d636e818b2?a=2542635&pl=1717087044168&v=632.2b17625&to=IVkKEERXWggAF0kKXQFZCQtCUUABShUTBF4LVUsUV19TF0oWDglF&ap=143&be=871&fe=2395&dc=1550&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1717087044168,%22n%22:0,%22dl%22:857,%22di%22:2420,%22ds%22:2420,%22de%22:2421,%22dc%22:3266,%22l%22:3266,%22le%22:3267,%22f%22:0,%22dn%22:419,%22dne%22:419,%22c%22:419,%22ce%22:697,%22s%22:557,%22rq%22:698,%22rp%22:854,%22rpe%22:995%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-632.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.citistar.top.starxexp.icu/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 16:37:28 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin * Content-Length 79 x-served-by cache-fra-eddf8230022-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.1click.io

URL

https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.woff

Domain

www.1click.io

URL

https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.ttf

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require function| signup function| dw_getScrollOffsets function| openPopup function| createCookie function| readCookie function| getURLParameter function| hasClass function| addClass function| removeClass function| toggleClass function| getNextElementSibling undefined| video object| navMobile object| mainNav object| loadMore object| more object| medium object| source object| campaign object| readMedium object| readSource object| readCampaign object| smoothScroll object| analytics

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.citistar.top.starxexp.icu/ Message: Access to font at 'https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.woff' from origin 'https://www.citistar.top.starxexp.icu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.citistar.top.starxexp.icu/ Message: Access to font at 'https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.ttf' from origin 'https://www.citistar.top.starxexp.icu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.1click.io/sites/53a1549d2c1cc48a4d0000c7/theme/fonts/2B5A61_2_0.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
www.1click.io
www.citistar.top.starxexp.icu
www.1click.io
104.128.226.6
162.247.243.29
2602:816:5001::39
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
0109aecba761dec302a48553c77ce40e3ec5f219ab7ac3f6c58387ae09c57dcc
028663e2d5fa9cb339acc99f74f51aaeebf685a4016ba4e1d119cccf880bab78
2d709190d155f3fd692d36e1e8551d7753064b66afa1e028c7a8004206a4361a
2f055e95770a16540e9ab983d28b4ba02c3f60e4c0e5b1f74f109ba161a660a9
36ded8d29d05acd4bd86a51e29041afec5f135c9fd8de47d33c1453bc2cf0bb3
397770b371bbeeee74abd65f70ecbe43d68621930b5ba4beaa61558e22453fd3
3bbe0400abb30926575c4f8ca56e7a570aa473aeefb4a784051290061d36b06f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
46435da938b27c15c74d11adc4765e8909354ae2b388e4529266c7def20beb0b
501ec9c7d97b9f0f4f34b707b6518f48e8be672836c6910de6903def7e7a008c
53d75543d5ba666db9d498bb969b60bac90debdfcee7bc1e1dfabee4c13f2939
5753cadf8c0ac4552c27f5622322821c36c98a9cf30bea62275bd577b085df88
a0d1e3aa503768af043511f31971dc6510bd8750d2bc31cd6b7a9c8fb8e690ac
b39746c07da532b57661a77d04dc53159691290bc22dbc1a413b1443909c07b6
beb10d0523d26ee78ed92bd674a19acbf926787fc079e8fd599f856f7c9db163
c28f3fcfa4e839d67ed83a489ca461cf6c3182c47d1a35e7eb719deba23f9106
cca390172e622bba6d82f5d624e81adb67620a705714cf12b6415f73b6d3e32f
cfad80141e75860a6db00b4ff7485dd7a8e621a2ba09d6ba5f3a42b669f6f66f
d95273890b1b350bf57b54c10521b18db152abf4a82c729c247a1306b6baf2e6
e59187d4ede72414808c177d0d1e3f7f4949bf93b51e0a88afaa86dea4229e92
ee6dd57eeefa588d74127f78b09ace89f53635bcafd1028393c029c07e9fafb1