Submitted URL: https://clicknlook.com//wp-content/themes/it/
Effective URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Submission Tags: phishing, malicious
Submission: On December 16 via api from IT — Scanned from IT

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 162.251.80.17, located in the United States, and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is starbuziness.in.
TLS certificate: Issued by R3 on November 15th 2021. Valid for: 3 months.
This is the only time starbuziness.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2404:2f40:1a0... 133938 (XEON-BD Xeon)
3 7 162.251.80.17 394695 (PUBLIC-DO...)
4 1
Apex Domain Subdomains Transfer
7 starbuziness.in starbuziness.in 43 KB
1 clicknlook.com clicknlook.com 297 B
4 2
Domain Requested by
7 starbuziness.in 3 redirects starbuziness.in
1 clicknlook.com 1 redirects
4 2

This site contains no links.

Subject Issuer Validity Valid
starbuziness.sukoonretreat.in R3 2021-11-15 - 2022-02-13 3 months

This page contains 1 frame:

Primary Page: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Frame ID: A342635205DAE5DFB34EC987657AF8E1
Requests: 4 HTTP requests in this frame

Page Title

Area Personale Nexi

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 42 kB
Size: 44 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicknlook.com//wp-content/themes/it/ HTTP 302
    https://starbuziness.in//js/it/Nexi.it/ HTTP 302
    https://starbuziness.in//js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am HTTP 301
    https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am Page URL
  2. https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/?view=login&appIdKey=fcd00c0656cc490&country= HTTP 302
    https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clicknlook.com//wp-content/themes/it/ HTTP 302
  • https://starbuziness.in//js/it/Nexi.it/ HTTP 302
  • https://starbuziness.in//js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am HTTP 301
  • https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/
Redirect Chain
  • https://clicknlook.com//wp-content/themes/it/
  • https://starbuziness.in//js/it/Nexi.it/
  • https://starbuziness.in//js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am
  • https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am
Size: 162 B
x-fer: 307 B
Type: Document
General
Full URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 162.251.80.17, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
Reverse DNS: cp-6.webhostbox.net
Software: Apache
Resource Hash: 30463bcdd1c949f58def31908b55566ff4b0378dcedfb6132643ba35c3f45426

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Thu, 16 Dec 2021 08:24:32 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 154
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false

Redirect headers

date: Thu, 16 Dec 2021 08:24:32 GMT
server: Apache
content-type: text/html; charset=iso-8859-1
content-length: 350
location: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am
x-server-cache: false

Primary Request home.php
starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/
Redirect Chain
  • https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/?view=login&appIdKey=fcd00c0656cc490&country=
  • https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Size: 3 KB
x-fer: 1 KB
Type: Document
General
Full URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Requested by
Host: starbuziness.in
URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 162.251.80.17, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
Reverse DNS: cp-6.webhostbox.net
Software: Apache
Resource Hash: 8a8fef5206422f75454fc96290983b5c1eaf41f4d01ed640470508fb9d809bc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/?cmd=_identifier_Demarrer_ID=2321690400864+_TIme:Thu,Dec,16,2021-8:24am

Response headers

date: Thu, 16 Dec 2021 08:24:34 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 1091
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false

Redirect headers

date: Thu, 16 Dec 2021 08:24:33 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: home.php
x-server-cache: false

PAPA.gif
starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/PAPA/
Size: 43 B
x-fer: 108 B
Type: Image
General
Full URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/PAPA/PAPA.gif
Requested by
Host: starbuziness.in
URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 162.251.80.17, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
Reverse DNS: cp-6.webhostbox.net
Software: Apache
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 08:24:34 GMT
last-modified: Thu, 16 Dec 2021 08:24:32 GMT
server: Apache
accept-ranges: bytes
content-length: 43
content-type: image/gif

PAPA2.png
starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/PAPA/
Size: 41 KB
x-fer: 41 KB
Type: Image
General
Full URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/PAPA/PAPA2.png
Requested by
Host: starbuziness.in
URL: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 162.251.80.17, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
Reverse DNS: cp-6.webhostbox.net
Software: Apache
Resource Hash: 5b25c28af267b8dc4e5670f86fb733948ae358217b58d5fb3eb1e6a00f326daa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://starbuziness.in/js/it/Nexi.it/5e8e8991c1686b6b60f4ae7eee030bee/manage/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 08:24:34 GMT
last-modified: Thu, 16 Dec 2021 08:24:32 GMT
server: Apache
accept-ranges: bytes
content-length: 41626
content-type: image/png

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

1 Cookies

Domain/Path Name / Value
starbuziness.in/ Name: PHPSESSID Value: 9bb452efde29c4a4b0c7fc35942099d9