www.wwwwwsjsteam.sin-city.io Open in urlscan Pro
190.115.30.131  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.wwwwwsjsteam.sin-city.io/	3 KB 2 KB	586ms 200ms	Document text/html	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 851f456fe2048f44c2997b715d6f4162aabb87cef7ddb8107ce184a6e7bba1ec Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * content-encoding br content-security-policy upgrade-insecure-requests; content-type text/html date Sun, 07 Jul 2024 05:13:50 GMT last-modified Tue, 16 Nov 2021 14:32:28 GMT server ddos-guard vary Accept-Encoding
GET H2	200	2.dfa6656c.chunk.css www.wwwwwsjsteam.sin-city.io/static/css/	11 KB 2 KB	183ms 183ms	Stylesheet text/css	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/static/css/2.dfa6656c.chunk.css Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash ac8ebbd847faed4673640c5edfa948b4e2f293a539b899bcd5b7671631082d65 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT content-encoding br last-modified Tue, 16 Nov 2021 14:32:34 GMT server ddos-guard age 1 vary Accept-Encoding content-type text/css access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes
GET H2	200	main.5ae5ec11.chunk.css www.wwwwwsjsteam.sin-city.io/static/css/	692 B 472 B	57ms 57ms	Stylesheet text/css	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/static/css/main.5ae5ec11.chunk.css Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 8f773332e4a4ee077be38df42cfddc6664326dfa6dc56f6f02397a608c72dfa4 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:50 GMT content-encoding br last-modified Wed, 17 Aug 2022 06:51:53 GMT server ddos-guard age 0 vary Accept-Encoding content-type text/css access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes
GET H2	200	2.bc004b4b.chunk.js Show response www.wwwwwsjsteam.sin-city.io/static/js/	2 MB 364 KB	185ms 184ms	Script application/javascript	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/static/js/2.bc004b4b.chunk.js Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 3e82422ffe9cd453db48c78c52e9d0db24642317c9b06f7ea2bfeadae4eae11a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT content-encoding br last-modified Tue, 16 Nov 2021 14:32:45 GMT server ddos-guard age 1 vary Accept-Encoding content-type application/javascript access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes
GET H2	200	main.847996f1.chunk.js Show response www.wwwwwsjsteam.sin-city.io/static/js/	32 KB 7 KB	181ms 181ms	Script application/javascript	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/static/js/main.847996f1.chunk.js Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 8e0477ffb16b1d4b125c4ae2ebace36676005ad0ee6c1ad094ac7afeab1608e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT content-encoding br last-modified Tue, 16 Nov 2021 14:32:40 GMT server ddos-guard age 1 vary Accept-Encoding content-type application/javascript access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	43ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;700&display=swap Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/static/css/main.5ae5ec11.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 098792ec37af414b654138aced42c1da67175122e5a9f734fe505d804556b656 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 07 Jul 2024 05:13:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 07 Jul 2024 05:13:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 07 Jul 2024 05:13:50 GMT
GET H2	200	Logo.500cb8b2.png www.wwwwwsjsteam.sin-city.io/static/media/	39 KB 40 KB	63ms 62ms	Image image/png	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.wwwwwsjsteam.sin-city.io/static/media/Logo.500cb8b2.png Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 9597195fe475411155aeed63df21da5bcc5137da9ea7b1f1f0dcee48d0ffb4b3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT last-modified Wed, 14 Sep 2022 08:29:22 GMT server ddos-guard age 0 content-type image/png access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes content-length 40384
GET H2	200	metamask.5dad4192.png www.wwwwwsjsteam.sin-city.io/static/media/	26 KB 26 KB	186ms 186ms	Image image/png	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.wwwwwsjsteam.sin-city.io/static/media/metamask.5dad4192.png Requested by Host: www.wwwwwsjsteam.sin-city.io URL: https://www.wwwwwsjsteam.sin-city.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash c045c0bee7a298713d6a550e9086a7c8ced3f04b5b83626a03be8a002344f2ef Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT last-modified Wed, 14 Sep 2022 08:29:21 GMT server ddos-guard age 0 content-type image/png access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes content-length 26132
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v26/	38 KB 39 KB	48ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://www.wwwwwsjsteam.sin-city.io Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 14:46:11 GMT x-content-type-options nosniff age 397660 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39124 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 14:46:11 GMT
GET H2	200	favicon.ico www.wwwwwsjsteam.sin-city.io/	4 KB 3 KB	187ms 187ms	Other image/x-icon	190.115.30.131 IQWEB
General Check archive.org Show headers Download Go to Full URL https://www.wwwwwsjsteam.sin-city.io/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.30.131 , Belize, ASN59692 (IQWEB, AE), Reverse DNS cryptomining.energy Software ddos-guard / Resource Hash 3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.wwwwwsjsteam.sin-city.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests; date Sun, 07 Jul 2024 05:13:51 GMT content-encoding gzip last-modified Tue, 16 Nov 2021 14:32:27 GMT server ddos-guard age 0 vary Accept-Encoding content-type image/x-icon access-control-allow-origin * ddg-cache-status MISS accept-ranges bytes

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackJsonpmy-app object| regeneratorRuntime function| setImmediate function| clearImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sin-city.io/	1970-01-21 06:37:45	Name: __ddg1_ Value: 1f1WqOn4qimuSV5YqX2z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.wwwwwsjsteam.sin-city.io
190.115.30.131
2a00:1450:4001:811::200a
2a00:1450:4001:829::2003
098792ec37af414b654138aced42c1da67175122e5a9f734fe505d804556b656
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
3e82422ffe9cd453db48c78c52e9d0db24642317c9b06f7ea2bfeadae4eae11a
851f456fe2048f44c2997b715d6f4162aabb87cef7ddb8107ce184a6e7bba1ec
8e0477ffb16b1d4b125c4ae2ebace36676005ad0ee6c1ad094ac7afeab1608e2
8f773332e4a4ee077be38df42cfddc6664326dfa6dc56f6f02397a608c72dfa4
9597195fe475411155aeed63df21da5bcc5137da9ea7b1f1f0dcee48d0ffb4b3
ac8ebbd847faed4673640c5edfa948b4e2f293a539b899bcd5b7671631082d65
c045c0bee7a298713d6a550e9086a7c8ced3f04b5b83626a03be8a002344f2ef