staking.step.app Open in urlscan Pro
2606:4700:20::681a:107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staking.step.app/
Submission: On April 27 via api (April 27th 2024, 3:20:50 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2606:4700:20::681a:107, located in United States and belongs to CLOUDFLARENET, US. The main domain is staking.step.app.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.

This is the only time staking.step.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	2606:4700:20:... 2606:4700:20::681a:107		13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2

9 2606:4700:20::681a:107 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

staking.step.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	step.app 1 redirects staking.step.app	1 MB
0	googletagmanager.com Failed www.googletagmanager.com Failed
9	2

	Domain	Requested by
9	staking.step.app	1 redirects staking.step.app
0	www.googletagmanager.com Failed	staking.step.app
9	2

This site contains links to these domains. Also see Links.

Domain
step.app

Subject Issuer	Validity	Valid
step.app GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://staking.step.app/
Frame ID: FD5BC0F96BA625109CDC2AA4DD13F8E4
Requests: 7 HTTP requests in this frame

Frame: https://staking.step.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: CFD82EC51CF45A9E41D5714E2D25B2DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Step App | Staking

Page Statistics

9
Requests

78 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1068 kB
Transfer

4112 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://step.app/
Title: BACK TO LANDING

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://staking.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://staking.step.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
staking.step.app/ 4 KB
3 KB 232ms
117ms Document
text/html 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac863a7de08e12bf6a8d3ca34e9ea2bbce1861b2e207a1cfc715d19672d590a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET HEAD OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
cache-control: max-age=60, stale-while-revalidate=3600
cdn-cache: REVALIDATED
cdn-cachedat: 04/26/2024 08:28:39
cdn-edgestorageid: 1081
cdn-proxyver: 1.04
cdn-pullzone: 777467
cdn-requestcountrycode: DE
cdn-requestid: e99634137cef70b1011e0ba67e8ba230
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cf-cache-status: DYNAMIC
cf-ray: 87afcc694cbf366f-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 27 Apr 2024 15:20:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uV5sr4PhqAS1RrL04zo7DhBnb3cmgLTStx6APcyVAh%2FDC0au2%2B7fHYhseUfmVutMrKcgBWX5BD5pRsW8LEmy%2FtAmwOcUzGLK2iba5G44YvOklaL6fCNV3%2BduOfVyl56E5yCeB83g4VeZ1AiO224%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache-status: MISS
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeifhk6t4wmo6cyppxxdnmcf2xsyl2kj7dhiwhy3mtgmn5o2hnzuk64/
x-ipfs-roots: bafybeifhk6t4wmo6cyppxxdnmcf2xsyl2kj7dhiwhy3mtgmn5o2hnzuk64
x-request-id: 36b901dbb2f47b21f880cce057663eca
x-xss-protection: 0

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 main.00cda9d4.chunk.css
staking.step.app/static/css/ 25 KB
6 KB 116ms
115ms Stylesheet
text/css 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/static/css/main.00cda9d4.chunk.css

Requested by

Host: staking.step.app
URL: https://staking.step.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

833e736d6db6bad35bd8418f65bc4bc20d91b2ef85d92f7f4dbf6c11944449c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://staking.step.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
cdn-pullzone: 777467
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
x-ipfs-roots: bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi,QmbYxRyXFt1FModmMYdwidK8PRuY35nxQaiFFpXcwjPy77,Qmcuev8b3bENTqf6HzeYPKwHqU9GqaAagSxdQfTZWZSo7C,QmQR3iJoNRQKQf6LmC7h1upF34ruwF43cLeqcY6GQ3vbxb
etag: W/"QmQR3iJoNRQKQf6LmC7h1upF34ruwF43cLeqcY6GQ3vbxb"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=14400, stale-while-revalidate=3600
x-ipfs-path: /ipfs/bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi/static/css/main.00cda9d4.chunk.css
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date: Sat, 27 Apr 2024 15:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1080
x-cache-status: HIT
cdn-cachedat: 03/25/2024 12:23:34
x-xss-protection: 0
x-request-id: 6eb3b7463e1d670b924d8a009d96aa3d
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cryBPikXWvjAKnsS9qQB9bPBW1rfL6qjqcFSrd5F%2F%2FI1fbfPoocu3uNcoedswhe4ufNFvuavLgfzDr5za37EccMuboYc%2B%2Bc5LZ9PgxVQZYI3aBrLw6TaUMDBwgRQ9ggEoP6FJKaTfZKJ5bn%2BEj0%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid: 566da9158c6bf8758feafdb87c6ee76d
cf-ray: 87afcc6a1de2366f-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.e110308a.chunk.js Show response
staking.step.app/static/js/ 4 MB
1016 KB 120ms
120ms Script
text/javascript 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/static/js/2.e110308a.chunk.js

Requested by

Host: staking.step.app
URL: https://staking.step.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

814e6d48f629d3b186785069c1b151f3cdf03c02d26b172bf7a5d145e8c83603

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://staking.step.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
cdn-pullzone: 777467
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
x-ipfs-roots: bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi,QmbYxRyXFt1FModmMYdwidK8PRuY35nxQaiFFpXcwjPy77,QmZYKaYV8zP4WhvSJfDk63WEC1HaFbipeCNWFXFx7z2w78,QmWYvkqHsnAMi2XXuvQj3BYdahFUUcv2qJVmeSJZE453xg
etag: W/"QmWYvkqHsnAMi2XXuvQj3BYdahFUUcv2qJVmeSJZE453xg"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: max-age=14400, stale-while-revalidate=3600
x-ipfs-path: /ipfs/bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi/static/js/2.e110308a.chunk.js
cdn-requestcountrycode: DE
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
date: Sat, 27 Apr 2024 15:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
x-cache-status: MISS
cdn-cachedat: 03/25/2024 12:23:34
x-xss-protection: 0
x-request-id: 564131bd7165b0e0e657cf10bd01df37
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35bg0P6ADUaa%2BUZawlB3E8O%2B%2Bxc%2B4K1sEhp%2BB5U5DpNYCSA3xyJCU3%2BrgLhZJ3a65okiMr5ZutEUTylRT74HYEejRh8%2B5kEp9c3rAP4kGIQlqRKKkQwLvBFfoX%2FRuJC1qwcsUpo4apOjX612K0s%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid: b56225d89062b71dff7cd4981de96d17
cf-ray: 87afcc6a1de5366f-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.d154962b.chunk.js Show response
staking.step.app/static/js/ 105 KB
22 KB 111ms
111ms Script
text/javascript 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/static/js/main.d154962b.chunk.js

Requested by

Host: staking.step.app
URL: https://staking.step.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4300422ec8df88cbe15ce347e3746a53aed9d6cad5ebd4bd50a30944ea50c096

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://staking.step.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
cdn-pullzone: 777467
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
x-ipfs-roots: bafybeifhk6t4wmo6cyppxxdnmcf2xsyl2kj7dhiwhy3mtgmn5o2hnzuk64,QmQZnEfMMyJ4xxLjNyfoFf97SzSgaDCPJGkSW1xPTAgdZy,QmNRRPNHsHFKLLNtWG3JPgVsU7KH9ug8xcaegWwab9vNBN,QmQTUv4oQ1TAwZihQBk6mjuW1i6reMx9SpwS6MUS61C7oT
etag: W/"QmQTUv4oQ1TAwZihQBk6mjuW1i6reMx9SpwS6MUS61C7oT"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: MISS
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: max-age=14400, stale-while-revalidate=3600
x-ipfs-path: /ipfs/bafybeifhk6t4wmo6cyppxxdnmcf2xsyl2kj7dhiwhy3mtgmn5o2hnzuk64/static/js/main.d154962b.chunk.js
cdn-requestcountrycode: US
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
date: Sat, 27 Apr 2024 15:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
x-cache-status: HIT
cdn-cachedat: 04/23/2024 00:19:53
x-xss-protection: 0
x-request-id: 667ba9f5d42a6a9582424d60638c5d2b
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPOnz5irBbEEoJx%2FW75nsv4D6BxQb0EhxxbkIS9vE%2B79LQktqqTIajtw%2BAXvBl%2BRFI%2BjKSF%2B695DvrfIinSrO%2FLQtnVhl%2B677llT9C%2B2M6VNxwQ8n1HBjAc%2F4HQA119em%2FzEThAKg6OqvGmW98U%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid: 602ce81d999af311b6eedfce22ad27d9
cf-ray: 87afcc6a1de8366f-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo.svg
staking.step.app/img/ 10 KB
5 KB 94ms
94ms Image
image/svg+xml 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staking.step.app/img/logo.svg

Requested by

Host: staking.step.app
URL: https://staking.step.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99aedc79d189a38480d604240099d7d028360b5925a3846fa4cb1f44a05ab081

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://staking.step.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
cdn-pullzone: 777467
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
x-ipfs-roots: bafybeicbluuriiqyperkmz34bzj6skjftnnql3lrakntp6dg643fawyuxa,QmdsnFepsuqaiadBnovw2BZ62rNcZouiqGwPvooMjfQcea,QmXctjWswDM87DWnAAXKu6nZQSZ2qoKfiwqegSUx2fyx9Q
etag: W/"QmXctjWswDM87DWnAAXKu6nZQSZ2qoKfiwqegSUx2fyx9Q"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: REVALIDATED
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: max-age=14400, stale-while-revalidate=3600
x-ipfs-path: /ipfs/bafybeicbluuriiqyperkmz34bzj6skjftnnql3lrakntp6dg643fawyuxa/img/logo.svg
cdn-requestcountrycode: DE
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
date: Sat, 27 Apr 2024 15:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1081
x-cache-status: MISS
cdn-cachedat: 04/08/2024 17:01:54
x-xss-protection: 0
x-request-id: 8fd40b4cf535ee69ce6e7e2cb89b2b2c
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dr5ZuaiCkSPGOtTzTCHccKSTrogwk7ZHpguQ1ZvhP9b8pp8ELlZMWb4MA8nUjVSQbpB0KvzY6fCxKdXCVjQbeVFjuCfx8246w8Dr3azZlaVvjGkLANgWzKpZVVhMjFY7DuaS9QB%2FM4ZxuvNueqc%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid: 43c8659c9cdd115198fd612108131de0
cf-ray: 87afcc6ce99b366f-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

main.js Show response
staking.step.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame CFD8
Redirect Chain

https://staking.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://staking.step.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

8 KB
4 KB

49ms
49ms

Script
application/javascript

2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

Requested by

Host: staking.step.app
URL: https://staking.step.app/

Protocol

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44689bcba7e193a45990b2124d72de6558a99ced82863c920e1e331d0aebbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 15:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nICytt8%2BFPhWVXyEmU46AIGbraC28wZKaD6JupsXs%2F08zHn1FwqjkCHiGYl8Rre0LAv0mzT7DL1hc%2BeM1mBu8675skjqycIiDg4j%2FNWqWauRXjW3GDRCkRBPHyW5QYGOZs%2BBFH%2BD0ojFsmeyOPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87afcc6d5a2b366f-FRA

Redirect headers

date: Sat, 27 Apr 2024 15:20:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtHAfns1uDP%2FeeAtl9kYlPjMDyyOataeEPJrG2MIwCp%2Biqy9B1hs2gcinFC35dWlOd%2B3RbSG1ep8KjBBl%2BNGM%2BDSEddlIrrxVI%2FabNCdEFVWKjEVcmzO%2FmO9QTg3imEozCo0xa3rsfSlp2VOF70%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
cf-ray: 87afcc6d09c5366f-FRA
content-length: 0

GET
H2 200 logo128x128.png
staking.step.app/img/ 11 KB
12 KB 86ms
86ms Other
image/png 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staking.step.app/img/logo128x128.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b89f71ebd43337077c0e123fb6de3fad5b6a5dafc74c9ed25b5e91b2eeca734

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://staking.step.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
cdn-pullzone: 777467
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
x-ipfs-roots: bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi,QmRnKuzRDStLoGHwk8NDEVJf4nFYK67zseRY2XCa3Z4Ntc,QmYVW5CRqTs2TiNsHQ8phJoSuvJJDrRUAd3DRmiSAG6ReE
etag: "QmYVW5CRqTs2TiNsHQ8phJoSuvJJDrRUAd3DRmiSAG6ReE"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: max-age=14400, stale-while-revalidate=3600
x-ipfs-path: /ipfs/bafybeidhsfhdkxzbog3o6q4b25fofy32rbsydnmpcgizx4zckbkodbu4mi/img/logo128x128.png
cdn-requestcountrycode: DE
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
date: Sat, 27 Apr 2024 15:20:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1081
x-cache-status: MISS
cdn-cachedat: 03/25/2024 12:23:35
content-length: 11430
x-xss-protection: 0
x-request-id: a9df872832d47dfa23080b2cfaac3f21
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iy0sJSGRu9NF7Qi1EOFwr2ckBY6DskX87FDhXLs8hVXFBFvxCedTYV7DIt0PMLNKUeTO4UJZWFJsXme91ywxip6KFgp%2B7uoRMUkBUcmK4hg%2Be5usUvcuZBXT%2Bh86Y9DO07Q2ohTVZl4jh79VqjU%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid: f74ed92bca0a56d4ea0dd753a0349e7b
accept-ranges: bytes
cf-ray: 87afcc6d8a77366f-FRA
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 87afcc694cbf366f Show response
staking.step.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CFD8 0
485 B 108ms
108ms XHR
text/plain 2606:4700:20::681a:107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://staking.step.app/cdn-cgi/challenge-platform/h/b/jsd/r/87afcc694cbf366f
Requested by: Host: staking.step.app
URL: https://staking.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 27 Apr 2024 15:20:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87afcc6deb0b366f-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8oSyQzyU0Zz%2BL6cRUhp6s814A%2B%2Fy%2BoCmQA09yuKS2O1Urur%2BPn8mqJC17r%2BCZsoZA1Hy1ulQdAooJNh9MAP03oTGTTYJ6ecR5dgFURym8w4pZhpVuoScZwRfIAP1OH1208%2B47ocUULkbcU95DUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6G4XR2L3J8

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.step.app/	1970-01-21 04:56:07	Name: cf_clearance Value: p0GDOecrXHCB6._2UdNrrmvYK5.BPfvq.E2jAIEWjTY-1714231247-1.0.1.1-uKK3MLhEdY5spIkI8EVVvylNIv5PjUtefripUMXpKJxqd3NlX6QozeV879DuvM2Amy7Cy0TN8vEFiehZ0DUkSg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

staking.step.app
www.googletagmanager.com
www.googletagmanager.com
2606:4700:20::681a:107
3b89f71ebd43337077c0e123fb6de3fad5b6a5dafc74c9ed25b5e91b2eeca734
4300422ec8df88cbe15ce347e3746a53aed9d6cad5ebd4bd50a30944ea50c096
44689bcba7e193a45990b2124d72de6558a99ced82863c920e1e331d0aebbabb
814e6d48f629d3b186785069c1b151f3cdf03c02d26b172bf7a5d145e8c83603
833e736d6db6bad35bd8418f65bc4bc20d91b2ef85d92f7f4dbf6c11944449c3
99aedc79d189a38480d604240099d7d028360b5925a3846fa4cb1f44a05ab081
ac863a7de08e12bf6a8d3ca34e9ea2bbce1861b2e207a1cfc715d19672d590a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

staking.step.app Open in urlscan Pro 2606:4700:20::681a:107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

78 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1068 kBTransfer

4112 kBSize

1 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

staking.step.app Open in urlscan Pro
2606:4700:20::681a:107 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1068 kB
Transfer

4112 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions