www.steam.sigmaexpense.com Open in urlscan Pro
2a04:2180:0:3:3::32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.steam.sigmaexpense.com/
Submission: On February 17 via automatic, source certstream-suspicious (February 17th 2020, 12:16:19 am UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 2a04:2180:0:3:3::32, located in Lithuania and belongs to IST-AS, LT. The main domain is www.steam.sigmaexpense.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 3rd 2019. Valid for: 3 months.

This is the only time www.steam.sigmaexpense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
19	2a04:2180:0:3... 2a04:2180:0:3:3::32		61272 (IST-AS) (IST-AS)
1	2606:4700:20:... 2606:4700:20::681a:daf		13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3038::681f:db9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	3

19 2a04:2180:0:3:3::32 (Lithuania)

ASN61272 (IST-AS, LT)

www.steam.sigmaexpense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:daf (United States)

ASN13335 (CLOUDFLARENET, US)

cpabuild.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::681f:db9 (United States)

ASN13335 (CLOUDFLARENET, US)

b7ax3cyzhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	sigmaexpense.com www.steam.sigmaexpense.com	691 KB
4	b7ax3cyzhq.com b7ax3cyzhq.com	4 KB
1	cpabuild.com cpabuild.com	6 KB
24	3

	Domain	Requested by
19	www.steam.sigmaexpense.com	www.steam.sigmaexpense.com
4	b7ax3cyzhq.com	cpabuild.com
1	cpabuild.com	www.steam.sigmaexpense.com
24	3

This site contains no links.

Subject Issuer	Validity	Valid
steam.sigmaexpense.com cPanel, Inc. Certification Authority	`2019-12-03` - `2020-03-02`	3 months	crt.sh
cpabuild.com CloudFlare Inc ECC CA-2	`2019-11-09` - `2020-10-09`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-19` - `2020-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.steam.sigmaexpense.com/
Frame ID: 45183DB12CE7B07A2D98EED6502902A2
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

html /<div id="particles-js">/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

702 kB
Transfer

723 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.steam.sigmaexpense.com/	11 KB 11 KB	188ms 37ms	Document text/html	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `383e4a48758b596f15a6861b9b72445ec18cf0b1230babf62c7ccbeb86375e0f` Request headers Host www.steam.sigmaexpense.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Server Apache Last-Modified Sun, 19 Mar 2017 20:21:29 GMT Accept-Ranges bytes Content-Length 11471 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	bootstrap.min.css www.steam.sigmaexpense.com/css/	118 KB 119 KB	38ms 37ms	Stylesheet text/css	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/css/bootstrap.min.css Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `298c150093e530d8b35c23d6144fe141f7ee76252f05af8aeb464c23b11d40d9` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 121279
GET H/1.1	200 OK	font-awesome.min.css www.steam.sigmaexpense.com/css/	28 KB 29 KB	107ms 36ms	Stylesheet text/css	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/css/font-awesome.min.css Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `311ee295b16854555738e3d9c8b57a59d987e2c8112cf30a7719b036feab0dae` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 29110
GET H/1.1	200 OK	animate.css www.steam.sigmaexpense.com/css/	71 KB 71 KB	109ms 38ms	Stylesheet text/css	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/css/animate.css Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 72259
GET H/1.1	200 OK	style.css www.steam.sigmaexpense.com/css/	21 KB 21 KB	112ms 37ms	Stylesheet text/css	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/css/style.css Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `c61a8d40a021beac6a39810dde51611379ce4d469df520fb4d822e62b6e564cc` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21445
GET H/1.1	200 OK	logo2.png www.steam.sigmaexpense.com/images/	2 KB 2 KB	125ms 35ms	Image image/png	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/logo2.png Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `12947f6d171cae51535ba488c72f794943462b2be86ec56ab46afa6428685567` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2030
GET H/1.1	200 OK	logo-mini.png www.steam.sigmaexpense.com/images/	1023 B 1 KB	147ms 36ms	Image image/png	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/logo-mini.png Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `8ad36b60b76e993767b83af132bc69a67a0265e4c029b7413cf8b1a351012b94` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1023
GET H/1.1	200 OK	10-gift.jpg www.steam.sigmaexpense.com/images/	47 KB 47 KB	36ms 35ms	Image image/jpeg	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/10-gift.jpg Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `225743b767ad2fd0481245e66c88d0920a1a8ec85c1d992b405baf6325bd3f09` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 47729
GET H/1.1	200 OK	20-gift.jpg www.steam.sigmaexpense.com/images/	47 KB 47 KB	36ms 36ms	Image image/jpeg	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/20-gift.jpg Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `f62345d6bca9c7646c3ed403e6fcb7df9a9809117fcff07d6f71a6b7896c55ae` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 47833
GET H/1.1	200 OK	50-gift.jpg www.steam.sigmaexpense.com/images/	47 KB 47 KB	37ms 37ms	Image image/jpeg	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/50-gift.jpg Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `ec9b0e01b87fdf46242235f5a6e03853e949b67776d2cc8a65b42aba9e052782` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 47860
GET H/1.1	200 OK	100-gift.jpg www.steam.sigmaexpense.com/images/	47 KB 47 KB	37ms 37ms	Image image/jpeg	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/100-gift.jpg Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `d6ad4dde206ac6c304a01f17aae0a1a5a998d285b1be7b596e03f2c187c9a09b` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 47963
GET H/1.1	200 OK	jquery-2.2.3.min.js Show response www.steam.sigmaexpense.com/scripts/	84 KB 84 KB	109ms 37ms	Script application/javascript	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/scripts/jquery-2.2.3.min.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 85659
GET H/1.1	200 OK	bootstrap.min.js Show response www.steam.sigmaexpense.com/scripts/	36 KB 36 KB	36ms 35ms	Script application/javascript	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/scripts/bootstrap.min.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 36868
GET H/1.1	200 OK	particles.min.js Show response www.steam.sigmaexpense.com/scripts/	23 KB 23 KB	37ms 37ms	Script application/javascript	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/scripts/particles.min.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 23364
GET H/1.1	200 OK	jquery.shuffleLetters.js Show response www.steam.sigmaexpense.com/scripts/	3 KB 3 KB	37ms 37ms	Script application/javascript	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/scripts/jquery.shuffleLetters.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `60426114bc67ea17e453aca1f3ec70fc80b67055baa6eef36453758c2dc5cc7b` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 3014
GET H/1.1	200 OK	script.js Show response www.steam.sigmaexpense.com/scripts/	5 KB 6 KB	38ms 37ms	Script application/javascript	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/scripts/script.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `9d4c833944221711235492f294ad4bcf549afe25497d6d2c1616dd89386bafa9` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5407
GET H2	200	locker.js Show response cpabuild.com/public/external/	22 KB 6 KB	51ms 20ms	Script text/javascript	2606:4700:20::681a:daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cpabuild.com/public/external/locker.js Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1283e4ec130e45b2775b89ae683abe7f75dfc0c61f1cd012d6b3c9109d5419e` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 00:16:01 GMT content-encoding br cf-cache-status HIT last-modified Mon, 13 Jan 2020 04:51:58 GMT server cloudflare age 1476 etag W/"5791-59bfe3c424dcd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript status 200 cache-control max-age=691200 cf-ray 566391f84c6397ba-FRA
GET H/1.1	200 OK	bg1.jpg www.steam.sigmaexpense.com/images/	9 KB 10 KB	37ms 37ms	Image image/jpeg	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.steam.sigmaexpense.com/images/bg1.jpg Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `cf47b66b0555507dc302ca32250b7e26a5a352f51ba8cb44528f9928c66115a4` Request headers Referer https://www.steam.sigmaexpense.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Fri, 30 Dec 2016 12:11:38 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 9598
GET H/1.1	200 OK	unicode.frutigel-webfont.html www.steam.sigmaexpense.com/fonts/frutigel/	17 KB 17 KB	45ms 36ms	Font text/html	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/fonts/frutigel/unicode.frutigel-webfont.html Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `32dcdf3adfc91f50e40f6358e26ee9d91790d1d6f5af34e232272cb4ed329ab6` Request headers Referer https://www.steam.sigmaexpense.com/css/style.css Origin https://www.steam.sigmaexpense.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Sun, 19 Mar 2017 20:18:47 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 17080
GET H/1.1	200 OK	fontawesome-webfont5b625b62.html www.steam.sigmaexpense.com/fonts/	70 KB 70 KB	62ms 36ms	Font text/html	2a04:2180:0:3:3::32 IST-AS
General Check archive.org Show headers Download Go to Full URL https://www.steam.sigmaexpense.com/fonts/fontawesome-webfont5b625b62.html?v=4.6.3 Requested by Host: www.steam.sigmaexpense.com URL: https://www.steam.sigmaexpense.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a04:2180:0:3:3::32 , Lithuania, ASN61272 (IST-AS, LT), Reverse DNS Software Apache / Resource Hash `7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73` Request headers Referer https://www.steam.sigmaexpense.com/css/font-awesome.min.css Origin https://www.steam.sigmaexpense.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Feb 2020 00:16:01 GMT Last-Modified Sun, 19 Mar 2017 20:18:44 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 71896
GET H2	200	html.116950.18a1e.0.js Show response b7ax3cyzhq.com/public/external/v2/	8 KB 2 KB	405ms 347ms	Script application/javascript	2606:4700:3038::681f:db9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b7ax3cyzhq.com/public/external/v2/html.116950.18a1e.0.js Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::681f:db9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.32 Resource Hash `fdf2a9d4ed9b615bc1a2baa714b9d05e96520519ff3b117841b8f990ee923e4f` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 00:16:01 GMT content-encoding br cf-cache-status MISS server cloudflare x-powered-by PHP/5.6.32 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 566391fa1a8b1776-FRA
GET H2	200	css_front.css b7ax3cyzhq.com/public/external/	6 KB 2 KB	71ms 13ms	Stylesheet text/css	2606:4700:3038::681f:db9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b7ax3cyzhq.com/public/external/css_front.css Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::681f:db9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 17 Feb 2020 00:16:01 GMT content-encoding br cf-cache-status HIT last-modified Tue, 04 Dec 2018 23:26:57 GMT server cloudflare age 1305 etag W/"19c4-57c3a9a09a779" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 566391fa1a8a1776-FRA
GET H2	200	css.css b7ax3cyzhq.com/public/clockers/Blank/	700 B 313 B	10ms 10ms	Stylesheet text/css	2606:4700:3038::681f:db9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b7ax3cyzhq.com/public/clockers/Blank/css.css Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::681f:db9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b1e91559bf23d2dce422563b7f51f45fd5ce9e09ed759d384a5077474c3962d` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 17 Feb 2020 00:16:01 GMT content-encoding br cf-cache-status HIT last-modified Tue, 04 Dec 2018 23:26:58 GMT server cloudflare age 4357 etag W/"2bc-57c3a9a17e011" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 566391fc4d9d1776-FRA
GET H2	200	check.php Show response b7ax3cyzhq.com/public/external/	0 177 B	328ms 328ms	Script application/javascript	2606:4700:3038::681f:db9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b7ax3cyzhq.com/public/external/check.php?time=1581898563966&it=116950 Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::681f:db9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.32 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.steam.sigmaexpense.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 00:16:04 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/5.6.32 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript status 200 cf-ray 56639208c8c21776-FRA content-length 0

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| randomString boolean| lck object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker number| r number| g number| b

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b7ax3cyzhq.com
cpabuild.com
www.steam.sigmaexpense.com
2606:4700:20::681a:daf
2606:4700:3038::681f:db9
2a04:2180:0:3:3::32
0b1e91559bf23d2dce422563b7f51f45fd5ce9e09ed759d384a5077474c3962d
12947f6d171cae51535ba488c72f794943462b2be86ec56ab46afa6428685567
225743b767ad2fd0481245e66c88d0920a1a8ec85c1d992b405baf6325bd3f09
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
298c150093e530d8b35c23d6144fe141f7ee76252f05af8aeb464c23b11d40d9
311ee295b16854555738e3d9c8b57a59d987e2c8112cf30a7719b036feab0dae
32dcdf3adfc91f50e40f6358e26ee9d91790d1d6f5af34e232272cb4ed329ab6
383e4a48758b596f15a6861b9b72445ec18cf0b1230babf62c7ccbeb86375e0f
60426114bc67ea17e453aca1f3ec70fc80b67055baa6eef36453758c2dc5cc7b
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8ad36b60b76e993767b83af132bc69a67a0265e4c029b7413cf8b1a351012b94
9d4c833944221711235492f294ad4bcf549afe25497d6d2c1616dd89386bafa9
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
c61a8d40a021beac6a39810dde51611379ce4d469df520fb4d822e62b6e564cc
cf47b66b0555507dc302ca32250b7e26a5a352f51ba8cb44528f9928c66115a4
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
d6ad4dde206ac6c304a01f17aae0a1a5a998d285b1be7b596e03f2c187c9a09b
e1283e4ec130e45b2775b89ae683abe7f75dfc0c61f1cd012d6b3c9109d5419e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9b0e01b87fdf46242235f5a6e03853e949b67776d2cc8a65b42aba9e052782
f62345d6bca9c7646c3ed403e6fcb7df9a9809117fcff07d6f71a6b7896c55ae
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fdf2a9d4ed9b615bc1a2baa714b9d05e96520519ff3b117841b8f990ee923e4f