unisvvap.store
Open in
urlscan Pro
2a00:f940:2:2:1:4:0:112
Malicious Activity!
Public Scan
Effective URL: https://unisvvap.store/
Submission: On December 17 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on December 14th 2021. Valid for: a year.
This is the only time unisvvap.store was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.179.190.34 185.179.190.34 | 44094 (WEBHOST1-AS) (WEBHOST1-AS) | |
7 | 2a00:f940:2:2... 2a00:f940:2:2:1:4:0:112 | 197695 (AS-REG) (AS-REG) | |
1 | 91.215.155.5 91.215.155.5 | 59729 (ITL-BG) (ITL-BG) | |
8 | 3 |
ASN44094 (WEBHOST1-AS, RU)
PTR: static.34.190.179.185.ip.webhost1.net
unlswap.store |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
unisvvap.store
unisvvap.store |
361 KB |
1 |
mrproper.tk
mrproper.tk |
2 KB |
1 |
unlswap.store
1 redirects
unlswap.store |
794 B |
8 | 3 |
Domain | Requested by | |
---|---|---|
7 | unisvvap.store |
unisvvap.store
|
1 | mrproper.tk |
unisvvap.store
|
1 | unlswap.store | 1 redirects |
8 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
uniswap-fath.tech |
info.uniswap.org |
etherscan.io |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.unisvvap.store GlobalSign GCC R3 DV TLS CA 2020 |
2021-12-14 - 2023-01-15 |
a year | crt.sh |
mrproper.tk R3 |
2021-10-22 - 2022-01-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://unisvvap.store/
Frame ID: A7C7046FADED298FB3FE280E89146688
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Uniswap InterfacelogoPage URL History Show full URLs
-
https://unlswap.store/exchange
HTTP 302
https://unisvvap.store/ Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: logo
Search URL Search Domain Scan URL
Title: Swap
Search URL Search Domain Scan URL
Title: Pool
Search URL Search Domain Scan URL
Title: Vote
Search URL Search Domain Scan URL
Title: Charts↗
Search URL Search Domain Scan URL
Title: 13434506 
Search URL Search Domain Scan URL
Title: Learn how to connect
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://unlswap.store/exchange
HTTP 302
https://unisvvap.store/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
unisvvap.store/ Redirect Chain
|
94 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JHZ1XJ
unisvvap.store/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JHZ1XJ_1
unisvvap.store/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
35.83e03661.chunk.css
unisvvap.store/css/ |
5 KB 964 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e77dabfada86ed1c3b850a800b435e9fd1a6a8c4.png
unisvvap.store/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
unisvvap.store/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JHZ1XJ
mrproper.tk/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-roman.var.woff2
unisvvap.store/fonts/ |
292 KB 292 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _Jptdx5r9Fv7fxTH6 object| _C1F74PZ3yMJNv8YF object| _TDC94YTYGhCHYLbr function| $ function| jQuery function| vib object| _4DcbkCbkRj76hWdt2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
unlswap.store/ | Name: _subid Value: 2tsngjk2j1 |
|
unlswap.store/ | Name: 5bf00 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3XCI6MTYzOTczMTY2Nn0sXCJjYW1wYWlnbnNcIjp7XCIxOFwiOjE2Mzk3MzE2NjZ9LFwidGltZVwiOjE2Mzk3MzE2NjZ9In0.PO0c-aPy5Sf2kckG9Z2DC3v18xdZC-7Ubc4aflfJChc |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mrproper.tk
unisvvap.store
unlswap.store
185.179.190.34
2a00:f940:2:2:1:4:0:112
91.215.155.5
05029490712ad5a909a96ceb8d97791a148ed63c86f7dba26903853733dd1917
09612ab78535d8b10659b3b0a3874d1cb4091ea8788d45c434bae15f372c0efa
2f352ed76a13d59f8903e515b69373a4d4a6338e73cb3063cec94712d9822f5d
3cc4d2019d09cfeb52c4ce96c88c026320f80076ec3c471ba0778004ec981342
9f129631d730392a770e6506c5877b480bde05b5bcfa8d9a4721b780285b2e7c
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
c0bbe7d74f2ae4cbb4d5d9248c738118e43cae0aa32561c7a0755b5727a0e614
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
dfff2110fcc584be300e2e9f7c4c039fbdeba1b9b3aaa3428c2fb8fbf4f249b0