app.incaswap.com Open in urlscan Pro
192.99.135.14  Malicious Activity! Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response app.incaswap.com/	4 KB 2 KB	39ms 21ms	Document text/html	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Full URL http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash ce240d09e597ff417457b1be6a5ec0de2826bb6942da0b2a630b63e472e76dfd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection Keep-Alive Keep-Alive timeout=5, max=100 accept-ranges bytes content-encoding gzip content-length 2035 content-type text/html date Tue, 28 Nov 2023 11:36:24 GMT last-modified Wed, 22 Nov 2023 03:06:44 GMT vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	3 KB 615 B	110ms 42ms	Stylesheet text/css	172.253.122.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f95.1e100.net Software ESF / Resource Hash 2109ee2b3cfcd3c8f9834655a8863949318813ed4dfa4c9713f11f7b2bff7388 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 11:36:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 11:28:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 11:36:24 GMT
GET H2	200	css2 fonts.googleapis.com/	1 KB 853 B	108ms 41ms	Stylesheet text/css	172.253.122.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins&display=swap Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f95.1e100.net Software ESF / Resource Hash e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 11:36:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 10:25:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 11:36:24 GMT
GET H/1.1	200 OK	2.5b5b985f.chunk.css app.incaswap.com/static/css/	20 KB 3 KB	20ms 19ms	Stylesheet text/css	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Full URL http://app.incaswap.com/static/css/2.5b5b985f.chunk.css Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash 2d46295691fe374e98d4da8c5eafb67c4f213f67963ebc185144360bcabd5525 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:24 GMT content-encoding gzip last-modified Wed, 22 Nov 2023 03:06:44 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 2976 expires Tue, 05 Dec 2023 11:36:24 GMT
GET H/1.1	200 OK	2.96f2c4df.chunk.js Show response app.incaswap.com/static/js/	2 MB 635 KB	38ms 21ms	Script application/javascript	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Full URL http://app.incaswap.com/static/js/2.96f2c4df.chunk.js Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash 82f7b631c51e5d808c881067cfa9e546ac1103b389a938be1ace8f630a6d99e6 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:24 GMT content-encoding gzip last-modified Wed, 22 Nov 2023 03:06:44 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 650105 expires Tue, 05 Dec 2023 11:36:24 GMT
GET H/1.1	200 OK	main.caf6aaeb.chunk.js Show response app.incaswap.com/static/js/	537 KB 107 KB	39ms 22ms	Script application/javascript	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Full URL http://app.incaswap.com/static/js/main.caf6aaeb.chunk.js Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash e4568ea719a087a5fa8a149d94823ea7cdbe337c159e8a7afb66bc13bc35b3ee Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:24 GMT content-encoding gzip last-modified Wed, 22 Nov 2023 03:06:44 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 108817 expires Tue, 05 Dec 2023 11:36:24 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	209 KB 72 KB	121ms 54ms	Script application/javascript	142.251.16.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TLF66T4 Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f97.1e100.net Software Google Tag Manager / Resource Hash 5e69d66ffaf18c095e5c6f255ecc10664b5fd9f7423e2b8fdce8ad52513d80a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73530 x-xss-protection 0 last-modified Tue, 28 Nov 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 28 Nov 2023 11:36:24 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	101ms 33ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://app.incaswap.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 04:19:47 GMT x-content-type-options nosniff age 458197 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 04:19:47 GMT
GET DATA	200 OK	truncated /	54 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4b3f47b5013f141836079914de3a98cb82d85ddeb1ebc4cbe1ced27ca88ab7e Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	eth.png app.incaswap.com/images/tokens/	4 KB 4 KB	19ms 19ms	Image image/png	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://app.incaswap.com/images/tokens/eth.png Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:24 GMT last-modified Wed, 22 Nov 2023 03:01:42 GMT content-type image/png cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 3954 expires Tue, 05 Dec 2023 11:36:24 GMT
GET H/1.1	206 Partial Content	swap.mp3 app.incaswap.com/	23 KB 23 KB	20ms 20ms	Media audio/mpeg	192.99.135.14 OVH
General Check archive.org Show headers Download Go to Full URL http://app.incaswap.com/swap.mp3 Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol HTTP/1.1 Server 192.99.135.14 , Canada, ASN16276 (OVH, FR), Reverse DNS host3942.hospedameusite.net Software / Resource Hash 3206235e5cbbf590ad623878726801ae2341bb40b11d60d8298f2649e121226e Request headers Referer http://app.incaswap.com/ Accept-Encoding identity;q=1, *;q=0 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-23167/23168 date Tue, 28 Nov 2023 11:36:25 GMT last-modified Wed, 22 Nov 2023 03:01:42 GMT Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 23168 content-type audio/mpeg
GET BLOB	200 OK	e08c541d-094b-481f-b42f-db68c2371292 http://app.incaswap.com/	7 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://app.incaswap.com/e08c541d-094b-481f-b42f-db68c2371292 Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash a386986cfae8401068ea1a4d69eb473b2bc6e33bf6314b534f446bf3e35c8a09 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 7679 Content-Type
OPTIONS H/1.1	200 OK	/ rpc.patex.io/	0 0	300ms 98ms	Preflight	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://app.incaswap.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Access-Control-Max-Age 600 Connection close Content-Encoding gzip Content-Length 23 Date Tue, 28 Nov 2023 11:36:25 GMT Server nginx/1.14.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	/ Show response rpc.patex.io/	43 B 286 B	299ms 100ms	Fetch application/json	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Requested by Host: app.incaswap.com URL: http://app.incaswap.com/static/js/2.96f2c4df.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash cc58e107c0f1fa386ad970f6ec0932403a366ecb112a179e5ee44e00b881f9e8 Request headers Referer http://app.incaswap.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers Date Tue, 28 Nov 2023 11:36:25 GMT Content-Encoding gzip Server nginx/1.14.1 Vary Origin Content-Type application/json Access-Control-Allow-Origin * Connection close Content-Length 67
GET H2	200	js Show response www.googletagmanager.com/gtag/	252 KB 86 KB	50ms 49ms	Script application/javascript	142.251.16.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLF66T4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f97.1e100.net Software Google Tag Manager / Resource Hash 627a441af6a21e907ff83b5efb4d91bea394b4aab8b4ca55b87ab9031df17bd0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 11:36:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87490 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 28 Nov 2023 11:36:25 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	98ms 32ms	Script text/javascript	142.251.16.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLF66T4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f102.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 28 Nov 2023 10:56:41 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2384 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 28 Nov 2023 12:56:41 GMT
POST H2	204	collect analytics.google.com/g/	0 254 B	93ms 40ms	Ping text/plain	216.239.32.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-334KNG3DMQ&gtm=45je3b81v873867766z8834067533&_p=1701171384598&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1724928876.1701171385&ul=en-us&sr=1600x1200&_s=1&sid=1701171385&sct=1&seg=0&dl=http%3A%2F%2Fapp.incaswap.com%2F&dt=IncaSwap&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=650 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 11:36:25 GMT server Golfe2 content-type text/plain access-control-allow-origin http://app.incaswap.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 254 B	107ms 40ms	Ping text/plain	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-334KNG3DMQ&cid=1724928876.1701171385&gtm=45je3b81v873867766z8834067533&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 11:36:25 GMT server Golfe2 content-type text/plain access-control-allow-origin http://app.incaswap.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	111ms 45ms	Image image/gif	142.251.111.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-334KNG3DMQ&cid=1724928876.1701171385&gtm=45je3b81v873867766z8834067533&aip=1&dma=0&gcd=11l1l1l1l1&z=494563438 Requested by Host: app.incaswap.com URL: http://app.incaswap.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer http://app.incaswap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 11:36:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	41ms 40ms	XHR text/plain	142.251.16.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1466083658&t=pageview&_s=1&dl=http%3A%2F%2Fapp.incaswap.com%2F&ul=en-us&de=UTF-8&dt=IncaSwap&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=284623186&gjid=445516474&cid=1724928876.1701171385&tid=UA-172345269-4&_gid=1629804950.1701171385&_r=1&_slc=1&gtm=45He3b81n81TLF66T4v834067533&gcd=11l1l1l1l1&dma=0&z=1327868465 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f102.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://app.incaswap.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 28 Nov 2023 11:36:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://app.incaswap.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 148 B	40ms 40ms	XHR text/plain	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-172345269-4&cid=1724928876.1701171385&jid=284623186&gjid=445516474&_gid=1629804950.1701171385&_u=YADAAEAAAAAAACAAI~&z=1390063281 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://app.incaswap.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 28 Nov 2023 11:36:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://app.incaswap.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	/ Show response rpc.patex.io/	43 B 286 B	306ms 102ms	Fetch application/json	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Requested by Host: app.incaswap.com URL: http://app.incaswap.com/static/js/2.96f2c4df.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash c4228ff341aa2a39d2ea1f4a6310a83a3a27110e09fd9935a170631fabd977e1 Request headers Referer http://app.incaswap.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers Date Tue, 28 Nov 2023 11:36:26 GMT Content-Encoding gzip Server nginx/1.14.1 Vary Origin Content-Type application/json Access-Control-Allow-Origin * Connection close Content-Length 67
OPTIONS H/1.1	200 OK	/ rpc.patex.io/	0 0	304ms 101ms	Preflight	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://app.incaswap.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Access-Control-Max-Age 600 Connection close Content-Encoding gzip Content-Length 23 Date Tue, 28 Nov 2023 11:36:25 GMT Server nginx/1.14.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	/ Show response rpc.patex.io/	680 B 310 B	299ms 100ms	Fetch application/json	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Requested by Host: app.incaswap.com URL: http://app.incaswap.com/static/js/2.96f2c4df.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash 76d5a4b0e75b69bf1bd734cf273c6a761a2bc975c86f5b2ac4e7bcc45f5c4ea2 Request headers Referer http://app.incaswap.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers Date Tue, 28 Nov 2023 11:36:26 GMT Content-Encoding gzip Server nginx/1.14.1 Vary Origin Content-Type application/json Access-Control-Allow-Origin * Connection close Content-Length 91
OPTIONS H/1.1	200 OK	/ rpc.patex.io/	0 0	321ms 107ms	Preflight	141.94.197.206 OVH
General Check archive.org Show headers Download Go to Full URL https://rpc.patex.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.94.197.206 , France, ASN16276 (OVH, FR), Reverse DNS ns31546461.ip-141-94-197.eu Software nginx/1.14.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://app.incaswap.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Access-Control-Max-Age 600 Connection close Content-Encoding gzip Content-Length 23 Date Tue, 28 Nov 2023 11:36:26 GMT Server nginx/1.14.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| webpackJsonppancake-frontend object| regeneratorRuntime function| setImmediate function| clearImmediate object| _ethers function| _ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.incaswap.com/	1970-01-21 02:08:51	Name: _ga_334KNG3DMQ Value: GS1.1.1701171385.1.0.1701171385.60.0.0
			.incaswap.com/	1970-01-21 02:08:51	Name: _ga Value: GA1.2.1724928876.1701171385
			.incaswap.com/	1970-01-20 16:34:17	Name: _gid Value: GA1.2.1629804950.1701171385
			.incaswap.com/	1970-01-20 16:32:51	Name: _gat_UA-172345269-4 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.incaswap.com
fonts.googleapis.com
fonts.gstatic.com
rpc.patex.io
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.googletagmanager.com
141.94.197.206
142.251.111.94
142.251.16.102
142.251.16.97
142.251.163.94
172.253.122.156
172.253.122.95
192.99.135.14
216.239.32.181
2109ee2b3cfcd3c8f9834655a8863949318813ed4dfa4c9713f11f7b2bff7388
2d46295691fe374e98d4da8c5eafb67c4f213f67963ebc185144360bcabd5525
3206235e5cbbf590ad623878726801ae2341bb40b11d60d8298f2649e121226e
5e69d66ffaf18c095e5c6f255ecc10664b5fd9f7423e2b8fdce8ad52513d80a5
627a441af6a21e907ff83b5efb4d91bea394b4aab8b4ca55b87ab9031df17bd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76d5a4b0e75b69bf1bd734cf273c6a761a2bc975c86f5b2ac4e7bcc45f5c4ea2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82f7b631c51e5d808c881067cfa9e546ac1103b389a938be1ace8f630a6d99e6
a386986cfae8401068ea1a4d69eb473b2bc6e33bf6314b534f446bf3e35c8a09
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c4228ff341aa2a39d2ea1f4a6310a83a3a27110e09fd9935a170631fabd977e1
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
cc58e107c0f1fa386ad970f6ec0932403a366ecb112a179e5ee44e00b881f9e8
ce240d09e597ff417457b1be6a5ec0de2826bb6942da0b2a630b63e472e76dfd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4568ea719a087a5fa8a149d94823ea7cdbe337c159e8a7afb66bc13bc35b3ee
e4b3f47b5013f141836079914de3a98cb82d85ddeb1ebc4cbe1ced27ca88ab7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629