www.sigmaclient.site Open in urlscan Pro
2606:4700:3032::6815:3eee Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sigmaclient.site/
Effective URL:
https://www.sigmaclient.site/
Submission Tags: suspect
Submission: On November 08 via api (November 8th 2024, 7:35:56 pm UTC) from BR — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3032::6815:3eee, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sigmaclient.site.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time www.sigmaclient.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 5	2606:4700:303... 2606:4700:3032::6815:3eee		13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

5 2606:4700:3032::6815:3eee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sigmaclient.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sigmaclient.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sigmaclient.site 1 redirects sigmaclient.site www.sigmaclient.site	11 MB
8	1

	Domain	Requested by
4	www.sigmaclient.site	www.sigmaclient.site
1	sigmaclient.site	1 redirects
8	2

This site contains no links.

Subject Issuer	Validity	Valid
sigmaclient.site WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.sigmaclient.site/
Frame ID: 02C5228C86885432DD7413EB486873AE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sigma Client

Page URL History Show full URLs

http://sigmaclient.site/ HTTP 307
https://sigmaclient.site/ HTTP 302
https://www.sigmaclient.site/ Page URL

Page Statistics

8
Requests

50 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

11242 kB
Transfer

23067 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sigmaclient.site/ HTTP 307
https://sigmaclient.site/ HTTP 302
https://www.sigmaclient.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.sigmaclient.site/ Redirect Chain http://sigmaclient.site/ https://sigmaclient.site/ https://www.sigmaclient.site/	449 KB 339 KB	336ms 221ms	Document text/html	2606:4700:3032::6815:3eee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sigmaclient.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3eee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `77637bd17571501e028b7c20fb646d43964d8564af449e8e25f2fbc7d1a399fd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Response headers access-control-allow-origin * age 0 alt-svc h3=":443"; ma=86400 cache-control max-age=600 cf-cache-status DYNAMIC cf-ray 8df801ff2afed2d3-FRA content-encoding zstd content-type text/html; charset=utf-8 date Fri, 08 Nov 2024 19:35:43 GMT expires Fri, 08 Nov 2024 19:45:43 GMT last-modified Fri, 08 Nov 2024 10:45:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBeQk7ZukQ9WNQ3VR2mjDjv9K3223gMx92wpuHYTDpRP6vP9edO3YKZjzxcnTWduBnJRVIBgsssqPyHKFbV1FKQVoRRbotfF8B8C6Upg%2BWSrYah6WimSLyw6SjGPXSjAVqvarcrZ0gD6BuNltSs1LQTRuQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=16828&sent=9&recv=14&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2315&delivery_rate=492581&cwnd=254&unsent_bytes=0&cid=72974c58f884f35b&ts=286&x=0" vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-fastly-request-id e3aeada9af64cd90c9979a1e2ce4d5493fd8302d x-github-request-id 9DA8:394E4D:3448B5E:35A2606:672E680E x-proxy-cache MISS x-served-by cache-fra-eddf8230050-FRA x-timer S1731094543.244053,VS0,VE140 Redirect headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8df801fdef82d26d-FRA content-length 143 content-type text/html date Fri, 08 Nov 2024 19:35:43 GMT expires Thu, 01 Jan 1970 00:00:01 GMT location https://www.sigmaclient.site/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umzNqmnBViDYuJK%2F%2BqOK0%2FrMWiGy2J29tVYsddWfIjWYswegeywFHxQGyXd8jaNBLvQF11o9U%2BG5GxMqnZkeOk8lN2I60XQGcSVudd0Hu%2Fj0WKoOgvGdBSO8MY7pYsnyelaI2bJJr5jvZTrDK9B4"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	classes.js Show response www.sigmaclient.site/	13 MB 3 MB	477ms 425ms	Script application/javascript	2606:4700:3032::6815:3eee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sigmaclient.site/classes.js Requested by Host: www.sigmaclient.site URL: https://www.sigmaclient.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3eee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c97ab4fae9b2aa6ece7a24ba6ddc233d504719f9953cf51268e1fa4ace73fff` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer https://www.sigmaclient.site/ Response headers x-fastly-request-id f74ca9c2907111c7db99f9d96150c8e07d4904a8 content-encoding gzip cf-cache-status EXPIRED etag W/"672debdc-d5a680" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJmyn1Dsz%2FkpdWOtBoJbgGh8Tl%2FALNEUQgqatv3Vp3zquPyqnXrIHbX8oC8tSFpDBdSWcWWtfh7cCumYmd9JMzKAkX%2BbbUTkw0JFt4Dtqvz%2FVaWTke59tLSibw%2BUP89lUv3OOvuUaCP%2BnERkTw3JhWPryg%3D%3D"}],"group":"cf-nel","max_age":604800} x-github-request-id 5C7C:3754A2:37E215D:393AEEA:672E680E expires Fri, 08 Nov 2024 19:45:43 GMT x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-cache MISS server-timing cfL4;desc="?proto=TCP&rtt=8970&sent=326&recv=213&lost=0&retrans=47&sent_bytes=414377&recv_bytes=2427&delivery_rate=1796275&cwnd=62&unsent_bytes=0&cid=72974c58f884f35b&ts=946&x=0" date Fri, 08 Nov 2024 19:35:44 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230074-FRA x-cache-hits 0 last-modified Fri, 08 Nov 2024 10:45:48 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-timer S1731094544.635462,VS0,VE407 via 1.1 varnish cf-ray 8df802019a47d2d3-FRA accept-ranges bytes access-control-allow-origin * content-length 2837613 x-origin-cache HIT server cloudflare
GET BLOB	200 OK	7ec3ffdb-46f0-4c87-a5ad-7ad316132e6a Show response https://www.sigmaclient.site/	4 B 0		XHR text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://www.sigmaclient.site/7ec3ffdb-46f0-4c87-a5ad-7ad316132e6a Requested by Host: www.sigmaclient.site URL: https://www.sigmaclient.site/classes.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `ae92980f4fe253e4f4e8a8c6058830cf2588bd09d5ca05c48b3bca54e6f3e181` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer Response headers Content-Type Content-Length 4
GET DATA	200 OK	truncated /	1 KB 1 KB		Other application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `785b0751fc2c53dc14a4ce3d800e69ef9ce1009eb327ccf458afe09c242c26c9` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer Response headers Content-Type application/octet-stream
GET BLOB	200 OK	473576e0-ff03-4865-acfa-f8ce1d1d94d8 https://www.sigmaclient.site/	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:https://www.sigmaclient.site/473576e0-ff03-4865-acfa-f8ce1d1d94d8 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `f60d69005b99eacbafc45c4c7e529c7f12cfdb79c94fd30967d25ba8152bc41f` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer Response headers Content-Type image/png Content-Length 2069
GET BLOB	200 OK	319448b0-64b6-492c-a8c3-5a758087b1df https://www.sigmaclient.site/	839 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:https://www.sigmaclient.site/319448b0-64b6-492c-a8c3-5a758087b1df Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `0cb01a880df180d54cd1149906bd973ae5025cb0fc30ba074b6cbbfdd7336ab1` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer Response headers Content-Type image/png Content-Length 839
GET H3	200	assets.epk Show response www.sigmaclient.site/	8 MB 8 MB	305ms 305ms	Fetch application/octet-stream	2606:4700:3032::6815:3eee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sigmaclient.site/assets.epk Requested by Host: www.sigmaclient.site URL: https://www.sigmaclient.site/classes.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3eee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70874f6de203d998f9a0ab91791aedc7084686cd7d4b83cab3065b6b4a17f241` Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer https://www.sigmaclient.site/ Response headers x-fastly-request-id 6cc51fc84ad17bd8b76cbaab866fa2875d690670 cf-cache-status DYNAMIC etag "672debdc-7ef320" age 0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5LcDeDFNg3fCrbL0dliBkP5BRRyAJIig92B3z9Uk0u2Z4j5iJJIBV%2FU%2FIFY332jvbcGO5VCFdnVb2%2Bw%2FW2SFNEKDfbrJVDiYB0oZjrnnoN0AQU4zFGzQpQPWvXlxf2dZ8DSBlbGXz4yhj%2BQ0S8VekO4eJA%3D%3D"}],"group":"cf-nel","max_age":604800} x-github-request-id 9CE6:29EFA5:232AED0:2406951:672E6813 expires Fri, 08 Nov 2024 19:45:47 GMT x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-cache MISS server-timing cfL4;desc="?proto=QUIC&rtt=18399&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4346&recv_bytes=4360&delivery_rate=837&cwnd=12000&unsent_bytes=0&cid=75f3bdc884e317c1&ts=4054&x=1", cfHdrFlush;dur=0 date Fri, 08 Nov 2024 19:35:47 GMT content-type application/octet-stream last-modified Fri, 08 Nov 2024 10:45:48 GMT x-served-by cache-fra-eddf8230075-FRA x-cache-hits 0 vary Accept-Encoding cache-control max-age=600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-timer S1731094547.350007,VS0,VE282 via 1.1 varnish cf-ray 8df80218dad2d2df-FRA accept-ranges bytes access-control-allow-origin * content-length 8319776 server cloudflare
GET H3	200	assets.epk www.sigmaclient.site/	816 KB 0	16ms 16ms	Fetch application/octet-stream	2606:4700:3032::6815:3eee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sigmaclient.site/assets.epk Requested by Host: www.sigmaclient.site URL: https://www.sigmaclient.site/classes.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3eee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0 Referer https://www.sigmaclient.site/ Response headers x-fastly-request-id 5ef72977666a1381a845f1e4a70c1ddf679b024f cf-cache-status DYNAMIC etag "672debdc-7ef320" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvHu5KIt0ve5j9hGo6j0%2Bqoh9BYVIOsXhuk6vZ52auprD8xqWOkIY4PBFcV%2BgoQk2Kzd3lshKWrbexmjWwYO18NOKLt2ckb1j4TcHlUMtC55tBdbpSyUvqjK40%2FVbG3q%2BJrU7tDMtXBvelP4X8RoSOJJGA%3D%3D"}],"group":"cf-nel","max_age":604800} x-github-request-id 9CE6:29EFA5:232AED0:2406951:672E6813 expires Fri, 08 Nov 2024 19:45:47 GMT x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-cache HIT server-timing cfL4;desc="?proto=QUIC&rtt=8850&sent=8609&recv=837&lost=1455&retrans=1456&sent_bytes=10241030&recv_bytes=45596&delivery_rate=4061713&cwnd=152698&unsent_bytes=0&cid=75f3bdc884e317c1&ts=5858&x=1", cfHdrFlush;dur=0 date Fri, 08 Nov 2024 19:35:49 GMT content-type application/octet-stream last-modified Fri, 08 Nov 2024 10:45:48 GMT x-served-by cache-fra-eddf8230075-FRA x-cache-hits 0 vary Accept-Encoding cache-control max-age=600 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-timer S1731094549.435525,VS0,VE1 via 1.1 varnish cf-ray 8df80225eb5fd2df-FRA accept-ranges bytes access-control-allow-origin * content-length 8319776 server cloudflare
GET		assets.epk www.sigmaclient.site/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.sigmaclient.site
URL: https://www.sigmaclient.site/assets.epk?eaglerCacheFix=projectForkVersion

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.sigmaclient.site/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B071003C170000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sigmaclient.site
www.sigmaclient.site
www.sigmaclient.site
2606:4700:3032::6815:3eee
0cb01a880df180d54cd1149906bd973ae5025cb0fc30ba074b6cbbfdd7336ab1
3c97ab4fae9b2aa6ece7a24ba6ddc233d504719f9953cf51268e1fa4ace73fff
70874f6de203d998f9a0ab91791aedc7084686cd7d4b83cab3065b6b4a17f241
77637bd17571501e028b7c20fb646d43964d8564af449e8e25f2fbc7d1a399fd
785b0751fc2c53dc14a4ce3d800e69ef9ce1009eb327ccf458afe09c242c26c9
ae92980f4fe253e4f4e8a8c6058830cf2588bd09d5ca05c48b3bca54e6f3e181
f60d69005b99eacbafc45c4c7e529c7f12cfdb79c94fd30967d25ba8152bc41f

www.sigmaclient.site Open in urlscan Pro 2606:4700:3032::6815:3eee Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

50 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

11242 kBTransfer

23067 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.sigmaclient.site Open in urlscan Pro
2606:4700:3032::6815:3eee Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

11242 kB
Transfer

23067 kB
Size

0
Cookies

8 HTTP transactions
1 data transactions