app.incaswap.com
Open in
urlscan Pro
192.99.135.14
Malicious Activity!
Public Scan
Submission: On November 28 via api from US — Scanned from CA
Summary
This is the only time app.incaswap.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 192.99.135.14 192.99.135.14 | 16276 (OVH) (OVH) | |
2 | 172.253.122.95 172.253.122.95 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.251.16.97 142.251.16.97 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.163.94 142.251.163.94 | 15169 (GOOGLE) (GOOGLE) | |
6 | 141.94.197.206 141.94.197.206 | 16276 (OVH) (OVH) | |
2 | 142.251.16.102 142.251.16.102 | 15169 (GOOGLE) (GOOGLE) | |
1 | 216.239.32.181 216.239.32.181 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.253.122.156 172.253.122.156 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.251.111.94 142.251.111.94 | 15169 (GOOGLE) (GOOGLE) | |
24 | 10 |
ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: bl-in-f102.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
patex.io
rpc.patex.io |
882 B |
6 |
incaswap.com
app.incaswap.com |
774 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
402 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
158 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
1 KB |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9133 |
408 B |
1 |
google.com
analytics.google.com — Cisco Umbrella Rank: 157 |
254 B |
1 |
gstatic.com
fonts.gstatic.com |
8 KB |
24 | 9 |
Domain | Requested by | |
---|---|---|
6 | rpc.patex.io |
app.incaswap.com
|
6 | app.incaswap.com |
app.incaswap.com
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
app.incaswap.com
www.googletagmanager.com |
2 | fonts.googleapis.com |
app.incaswap.com
|
1 | www.google.ca |
app.incaswap.com
|
1 | analytics.google.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
24 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.incaswap.com |
launchpad.incaswap.com |
t.me |
twitter.com |
medium.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
rpc.patex.io R3 |
2023-10-20 - 2024-01-18 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://app.incaswap.com/
Frame ID: 1E906788B1D4A9402148670288949CD0
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
IncaSwapDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Launchpad
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
app.incaswap.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 615 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 853 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.5b5b985f.chunk.css
app.incaswap.com/static/css/ |
20 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.96f2c4df.chunk.js
app.incaswap.com/static/js/ |
2 MB 635 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.caf6aaeb.chunk.js
app.incaswap.com/static/js/ |
537 KB 107 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
209 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
54 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eth.png
app.incaswap.com/images/tokens/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swap.mp3
app.incaswap.com/ |
23 KB 23 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e08c541d-094b-481f-b42f-db68c2371292
http://app.incaswap.com/ |
7 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
rpc.patex.io/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
rpc.patex.io/ |
43 B 286 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
252 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
analytics.google.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 148 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
rpc.patex.io/ |
43 B 286 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
rpc.patex.io/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
rpc.patex.io/ |
680 B 310 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
rpc.patex.io/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dataLayer object| webpackJsonppancake-frontend object| regeneratorRuntime function| setImmediate function| clearImmediate object| _ethers function| _ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.incaswap.com/ | Name: _ga_334KNG3DMQ Value: GS1.1.1701171385.1.0.1701171385.60.0.0 |
|
.incaswap.com/ | Name: _ga Value: GA1.2.1724928876.1701171385 |
|
.incaswap.com/ | Name: _gid Value: GA1.2.1629804950.1701171385 |
|
.incaswap.com/ | Name: _gat_UA-172345269-4 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
app.incaswap.com
fonts.googleapis.com
fonts.gstatic.com
rpc.patex.io
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.googletagmanager.com
141.94.197.206
142.251.111.94
142.251.16.102
142.251.16.97
142.251.163.94
172.253.122.156
172.253.122.95
192.99.135.14
216.239.32.181
2109ee2b3cfcd3c8f9834655a8863949318813ed4dfa4c9713f11f7b2bff7388
2d46295691fe374e98d4da8c5eafb67c4f213f67963ebc185144360bcabd5525
3206235e5cbbf590ad623878726801ae2341bb40b11d60d8298f2649e121226e
5e69d66ffaf18c095e5c6f255ecc10664b5fd9f7423e2b8fdce8ad52513d80a5
627a441af6a21e907ff83b5efb4d91bea394b4aab8b4ca55b87ab9031df17bd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76d5a4b0e75b69bf1bd734cf273c6a761a2bc975c86f5b2ac4e7bcc45f5c4ea2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82f7b631c51e5d808c881067cfa9e546ac1103b389a938be1ace8f630a6d99e6
a386986cfae8401068ea1a4d69eb473b2bc6e33bf6314b534f446bf3e35c8a09
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c4228ff341aa2a39d2ea1f4a6310a83a3a27110e09fd9935a170631fabd977e1
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
cc58e107c0f1fa386ad970f6ec0932403a366ecb112a179e5ee44e00b881f9e8
ce240d09e597ff417457b1be6a5ec0de2826bb6942da0b2a630b63e472e76dfd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4568ea719a087a5fa8a149d94823ea7cdbe337c159e8a7afb66bc13bc35b3ee
e4b3f47b5013f141836079914de3a98cb82d85ddeb1ebc4cbe1ced27ca88ab7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629