v2.swap.lambda.im Open in urlscan Pro
13.251.34.233 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://v2.swap.lambda.im/
Effective URL:
https://v2.swap.lambda.im/
Submission: On October 19 via api (October 19th 2024, 8:25:11 am UTC) from BY — Scanned from SG

Summary HTTP 17 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 13.251.34.233, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is v2.swap.lambda.im.
TLS certificate: Issued by E5 on July 27th 2024. Valid for: 3 months.

This is the only time v2.swap.lambda.im was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
10	13.251.34.233 13.251.34.233	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c0f::65	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8002::154	54113 (FASTLY) (FASTLY)
1	74.125.200.102 74.125.200.102	15169 (GOOGLE) (GOOGLE)
2	3.220.107.23 3.220.107.23	14618 (AMAZON-AES) (AMAZON-AES)
17	6

10 13.251.34.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com

v2.swap.lambda.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::65 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.107.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-107-23.compute-1.amazonaws.com

mainnet.infura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lambda.im v2.swap.lambda.im	2 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	infura.io mainnet.infura.io — Cisco Umbrella Rank: 46547	264 B
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4897	1 KB
17	4

	Domain	Requested by
10	v2.swap.lambda.im	v2.swap.lambda.im
3	www.google-analytics.com	v2.swap.lambda.im www.google-analytics.com
2	mainnet.infura.io	v2.swap.lambda.im
2	raw.githubusercontent.com	v2.swap.lambda.im
17	4

This site contains links to these domains. Also see Links.

Domain
v2info.swap.lambda.im
portal.lambda.im
swap.lambda.im

Subject Issuer	Validity	Valid
v2.swap.lambda.im E5	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
*.infura.io Amazon RSA 2048 M02	`2023-11-29` - `2024-12-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://v2.swap.lambda.im/
Frame ID: FA6A9A26D150D35C5B993459010D6933
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Uniswap Interface

Page URL History Show full URLs

http://v2.swap.lambda.im/ HTTP 307
https://v2.swap.lambda.im/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

17
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

2
Countries

2361 kB
Transfer

4259 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://v2info.swap.lambda.im/
Title: Charts ↗

Search URL Search Domain Scan URL

URL: https://portal.lambda.im/airdrop
Title: Airdrop ↗

Search URL Search Domain Scan URL

URL: https://swap.lambda.im/
Title: V3 ↗

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://v2.swap.lambda.im/ HTTP 307
https://v2.swap.lambda.im/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
v2.swap.lambda.im/
Redirect Chain

http://v2.swap.lambda.im/
https://v2.swap.lambda.im/

3 KB
2 KB

401ms
5ms

Document
text/html

13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f4590984f1f7498d42fbbceee7d1a516c68c3549355a3000b24cba2882d09d98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Disposition: inline; filename="index.html"
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 19 Oct 2024 08:25:06 GMT
ETag: "39195221079e6287b0a3efaf9f7d336cebf23295"
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: https://v2.swap.lambda.im/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK 4.f04942fe.chunk.css
v2.swap.lambda.im/static/css/ 5 KB
1 KB 5ms
4ms Stylesheet
text/css 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/static/css/4.f04942fe.chunk.css
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "d65894a749fd66b67aabedbfad091e731819c755"
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 19 Oct 2024 08:25:06 GMT
Content-Type: text/css; charset=utf-8
Content-Disposition: inline; filename="4.f04942fe.chunk.css"
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK 4.00eaae79.chunk.js Show response
v2.swap.lambda.im/static/js/ 2 MB
630 KB 21ms
16ms Script
application/javascript 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/static/js/4.00eaae79.chunk.js
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5b3363918ce6bc3bcfd39fd5ef5ec1d81a2483526df41603e75fd9dbc1affc57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "7f8518843def11031845cbb7ec42606c21a0fd5a"
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 19 Oct 2024 08:25:06 GMT
Content-Type: application/javascript; charset=utf-8
Content-Disposition: inline; filename="4.00eaae79.chunk.js"
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK main.f77e3ef0.chunk.js Show response
v2.swap.lambda.im/static/js/ 459 KB
126 KB 19ms
13ms Script
application/javascript 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/static/js/main.f77e3ef0.chunk.js
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5f3ff5df0642e40b409e79e1340f704e0a177286db88a75cadb7c4289ecc2444

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "c23969ba319df16d69d4adbc54cdbe2ae8826dd0"
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 19 Oct 2024 08:25:06 GMT
Content-Type: application/javascript; charset=utf-8
Content-Disposition: inline; filename="main.f77e3ef0.chunk.js"
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
8ms Script
text/javascript 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/4.00eaae79.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

content-encoding: gzip
age: 2297
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 09:46:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 07:46:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK en.json Show response
v2.swap.lambda.im/locales/ 4 KB
2 KB 9ms
8ms XHR
application/json 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/locales/en.json
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/4.00eaae79.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/
X-Requested-With: XMLHttpRequest

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "ee3ffddfe172de9b28aa4261fd5b6f4d16642cdf"
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 19 Oct 2024 08:25:06 GMT
Content-Type: application/json; charset=utf-8
Content-Disposition: inline; filename="en.json"
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 404
Not Found en-US.json Show response
v2.swap.lambda.im/locales/ 2 KB
1020 B 6ms
6ms XHR
text/html 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/locales/en-US.json
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/4.00eaae79.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8c45c679f40c3f81c111fbf2398d568189c3ab34d8a9704ad225cd8efe1b819f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/
X-Requested-With: XMLHttpRequest

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 19 Oct 2024 08:25:06 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H2 200 tokens.json Show response
raw.githubusercontent.com/LambdaIM/assets/master/blockchains/lambda/ 2 KB
1 KB 483ms
389ms Fetch
text/plain 2606:50c0:8002::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/LambdaIM/assets/master/blockchains/lambda/tokens.json

Requested by

Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/main.f77e3ef0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8375f65b17310d658cc86c89bf952f88365adf5af4c76430ea186e0399d31c55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

x-fastly-request-id: 907c8fd3b563cced07e57be6a2b9625d8646f215
content-encoding: gzip
etag: W/"9e8c9d554ac2ab5069029f258d0695d8fb93a817b53ba5fe2a019152e37f6f50"
x-content-type-options: nosniff
x-github-request-id: 344B:183277:11DE97:156C9E:67136CE3
expires: Sat, 19 Oct 2024 08:30:07 GMT
x-cache: MISS
date: Sat, 19 Oct 2024 08:25:07 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-hkg17927-HKG
x-cache-hits: 0
source-age: 0
x-frame-options: deny
strict-transport-security: max-age=31536000
vary: Authorization,Accept-Encoding,Origin
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control: max-age=300
x-timer: S1729326307.099630,VS0,VE339
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 536
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo.742edb09.svg
v2.swap.lambda.im/static/media/ 8 KB
4 KB 10ms
10ms Image
image/svg+xml 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.swap.lambda.im/static/media/logo.742edb09.svg
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f34534c13f4659b8c81936b849eb0d3211ffc5d7de0d277fc2fe2328193bad89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "eb0d4cbe3b40148ad3999a6cc24e7ea0009bb4a8"
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 19 Oct 2024 08:25:07 GMT
Content-Type: image/svg+xml
Content-Disposition: inline; filename="logo.742edb09.svg"
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK Inter-roman.var.90e8f61d.woff2
v2.swap.lambda.im/static/media/ 221 KB
221 KB 10ms
9ms Font
font/woff2 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/static/media/Inter-roman.var.90e8f61d.woff2
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/css/4.f04942fe.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://v2.swap.lambda.im
Referer: https://v2.swap.lambda.im/static/css/4.f04942fe.chunk.css

Response headers

ETag: "624e8faae532efbb2169944a63dc9e42709a787f"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226100
Date: Sat, 19 Oct 2024 08:25:07 GMT
Content-Type: font/woff2
Content-Disposition: inline; filename="Inter-roman.var.90e8f61d.woff2"
Server: nginx/1.18.0 (Ubuntu)

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
422 B 14ms
11ms XHR
text/plain 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1042855229&t=pageview&_s=1&dl=https%3A%2F%2Fv2.swap.lambda.im%2F&dp=%2F&ul=en-sg&de=UTF-8&dt=Uniswap%20Interface&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1059179534&gjid=1532473012&cid=753843529.1729326307&tid=UA-128182339-4&_gid=206805986.1729326307&_r=1&_slc=1&z=812193889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://v2.swap.lambda.im/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 08:25:07 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://v2.swap.lambda.im
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 tokens.json Show response
raw.githubusercontent.com/LambdaIM/assets/master/blockchains/lambda/ 2 KB
0 412ms
412ms Fetch
text/plain 2606:50c0:8002::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/LambdaIM/assets/master/blockchains/lambda/tokens.json

Requested by

Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/main.f77e3ef0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8375f65b17310d658cc86c89bf952f88365adf5af4c76430ea186e0399d31c55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

x-fastly-request-id: 907c8fd3b563cced07e57be6a2b9625d8646f215
content-encoding: gzip
etag: W/"9e8c9d554ac2ab5069029f258d0695d8fb93a817b53ba5fe2a019152e37f6f50"
x-github-request-id: 344B:183277:11DE97:156C9E:67136CE3
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 08:30:07 GMT
x-cache: MISS
date: Sat, 19 Oct 2024 08:25:07 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-hkg17927-HKG
x-cache-hits: 0
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control: max-age=300
x-timer: S1729326307.099630,VS0,VE339
cross-origin-resource-policy: cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 536
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK noise.17ab2292.png
v2.swap.lambda.im/static/media/ 1 MB
1 MB 7ms
7ms Image
image/png 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.swap.lambda.im/static/media/noise.17ab2292.png
Requested by: Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7cb52ff100d5fa89d754f4525a7eb4fbee73045be458c5a3235e71660cc7919b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

ETag: "8333ecc650ccb14328b36ec1acf00d8c72717832"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1380453
Date: Sat, 19 Oct 2024 08:25:07 GMT
Content-Type: image/png
Content-Disposition: inline; filename="noise.17ab2292.png"
Server: nginx/1.18.0 (Ubuntu)

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 16ms
15ms Image
image/gif 74.125.200.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1042855229&t=pageview&_s=2&dl=https%3A%2F%2Fv2.swap.lambda.im%2F&dp=%2Fswap&ul=en-sg&de=UTF-8&dt=Uniswap%20Interface&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=753843529.1729326307&tid=UA-128182339-4&_gid=206805986.1729326307&z=1441513511

Requested by

Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

age: 8839
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 05:57:48 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 403 099fc58e0de9451d80b18d7c74caa7c1 Show response
mainnet.infura.io/v3/ 90 B
264 B 240ms
239ms Fetch
text/plain 3.220.107.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

Requested by

Host: v2.swap.lambda.im
URL: https://v2.swap.lambda.im/static/js/main.f77e3ef0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.107.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-107-23.compute-1.amazonaws.com

Software

Resource Hash

1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://v2.swap.lambda.im/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

access-control-allow-origin: https://v2.swap.lambda.im
content-length: 90
date: Sat, 19 Oct 2024 08:25:08 GMT
content-type: text/plain; charset=utf-8
vary: Origin, Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ 0
0 820ms
241ms Preflight 3.220.107.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.107.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-107-23.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://v2.swap.lambda.im
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://v2.swap.lambda.im
access-control-max-age: 86400
content-length: 0
date: Sat, 19 Oct 2024 08:25:07 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK favicon.png
v2.swap.lambda.im/ 3 KB
3 KB 6ms
5ms Other
image/png 13.251.34.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.swap.lambda.im/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.251.34.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-34-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 125fc21801ff09cc34bf5a66fc512940562a8edbe62569d4a9a0dc308cf65233

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://v2.swap.lambda.im/

Response headers

ETag: "ced6a6de02b43c31c91c14a1b18c16284d50e8b4"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2841
Date: Sat, 19 Oct 2024 08:25:07 GMT
Content-Type: image/png
Content-Disposition: inline; filename="favicon.png"
Server: nginx/1.18.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lambda.im/	1970-01-21 09:58:06	Name: _ga Value: GA1.2.753843529.1729326307
.lambda.im/	1970-01-21 00:23:32	Name: _gid Value: GA1.2.206805986.1729326307
.lambda.im/	1970-01-21 00:22:06	Name: _gat Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://v2.swap.lambda.im/locales/en-US.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mainnet.infura.io
raw.githubusercontent.com
v2.swap.lambda.im
www.google-analytics.com
13.251.34.233
2404:6800:4003:c0f::65
2606:50c0:8002::154
3.220.107.23
74.125.200.102
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
125fc21801ff09cc34bf5a66fc512940562a8edbe62569d4a9a0dc308cf65233
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
5b3363918ce6bc3bcfd39fd5ef5ec1d81a2483526df41603e75fd9dbc1affc57
5f3ff5df0642e40b409e79e1340f704e0a177286db88a75cadb7c4289ecc2444
7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430
7cb52ff100d5fa89d754f4525a7eb4fbee73045be458c5a3235e71660cc7919b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8375f65b17310d658cc86c89bf952f88365adf5af4c76430ea186e0399d31c55
8c45c679f40c3f81c111fbf2398d568189c3ab34d8a9704ad225cd8efe1b819f
b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f34534c13f4659b8c81936b849eb0d3211ffc5d7de0d277fc2fe2328193bad89
f4590984f1f7498d42fbbceee7d1a516c68c3549355a3000b24cba2882d09d98

v2.swap.lambda.im Open in urlscan Pro 13.251.34.233 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

6 IPs

2 Countries

2361 kBTransfer

4259 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

v2.swap.lambda.im Open in urlscan Pro
13.251.34.233 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

2
Countries

2361 kB
Transfer

4259 kB
Size

3
Cookies

17 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!