unisvvap.store
2a00:f940:2:2:1:4:0:112  Malicious Activity! Public Scan

Submitted URL: https://unlswap.store/exchange
Effective URL: https://unisvvap.store/
Submission: On December 16 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:112, located in Russian Federation and belongs to AS-REG, RU. The main domain is unisvvap.store.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on December 14th 2021. Valid for: a year.
This is the only time unisvvap.store was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 1 185.179.190.34 44094 (WEBHOST1-AS)
7 2a00:f940:2:2... 197695 (AS-REG)
1 91.215.155.5 59729 (ITL-BG)
8 3
Apex Domain | Subdomains | Transfer
7 unisvvap.store | unisvvap.store | 361 KB
1 mrproper.tk | mrproper.tk | 2 KB
1 unlswap.store | unlswap.store | 793 B
8 3
Domain Requested by
7 unisvvap.store unisvvap.store
1 mrproper.tk unisvvap.store
1 unlswap.store 1 redirects
8 3

This site contains links to these domains.

Domain
uniswap-fath.tech
info.uniswap.org
etherscan.io
www.youtube.com
Subject | Issuer | Validity | Valid
www.unisvvap.store | GlobalSign GCC R3 DV TLS CA 2020 | 2021-12-14 - 2023-01-15 | a year
mrproper.tk | R3 | 2021-10-22 - 2022-01-20 | 3 months

This page contains 1 frames:

Primary Page: https://unisvvap.store/
Frame ID: 033218FC28650CE3F93CFFDE017EC10F
Requests: 9 HTTP requests in this frame

Page Title

Uniswap Interfacelogo

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

363 kB
Transfer

500 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://unlswap.store/exchange HTTP 302
    https://unisvvap.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
unisvvap.store/
Redirect Chain
  • https://unlswap.store/exchange
  • https://unisvvap.store/
94 KB
24 KB
Document
General
Full URL
https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
0aa10a9e50feaeff20a79ae3e8ba550aa24ea4a4fafdc6e8845ded6941a67fba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Thu, 16 Dec 2021 09:01:34 GMT
content-type
text/html
last-modified
Wed, 15 Dec 2021 12:57:42 GMT
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 16 Dec 2021 09:01:33 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Thu, 16 Dec 2021 09:01:33 GMT
Location
https://unisvvap.store/
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
JHZ1XJ
unisvvap.store/
3 KB
3 KB
Script
General
Full URL
https://unisvvap.store/JHZ1XJ
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
3cc4d2019d09cfeb52c4ce96c88c026320f80076ec3c471ba0778004ec981342

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
last-modified
Tue, 14 Dec 2021 13:40:22 GMT
server
nginx
accept-ranges
bytes
content-length
3340
JHZ1XJ_1
unisvvap.store/
3 KB
3 KB
Script
General
Full URL
https://unisvvap.store/JHZ1XJ_1
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9f129631d730392a770e6506c5877b480bde05b5bcfa8d9a4721b780285b2e7c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
last-modified
Tue, 14 Dec 2021 13:40:22 GMT
server
nginx
accept-ranges
bytes
content-length
3340
35.83e03661.chunk.css
unisvvap.store/css/
5 KB
964 B
Stylesheet
General
Full URL
https://unisvvap.store/css/35.83e03661.chunk.css
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
dfff2110fcc584be300e2e9f7c4c039fbdeba1b9b3aaa3428c2fb8fbf4f249b0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 13:40:22 GMT
server
nginx
content-type
text/css
e77dabfada86ed1c3b850a800b435e9fd1a6a8c4.png
unisvvap.store/images/
4 KB
4 KB
Image
General
Full URL
https://unisvvap.store/images/e77dabfada86ed1c3b850a800b435e9fd1a6a8c4.png
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
last-modified
Tue, 14 Dec 2021 13:40:32 GMT
server
nginx
accept-ranges
bytes
content-length
3954
content-type
image/png
jquery.min.js
unisvvap.store/
94 KB
33 KB
Script
General
Full URL
https://unisvvap.store/jquery.min.js
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 13:40:22 GMT
server
nginx
content-type
application/javascript
truncated
/
2 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09612ab78535d8b10659b3b0a3874d1cb4091ea8788d45c434bae15f372c0efa

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
text/javascript
JHZ1XJ
mrproper.tk/
3 KB
2 KB
Script
General
Full URL
https://mrproper.tk/JHZ1XJ?return=js.client&&se_referrer=&default_keyword=&landing_url=unisvvap.store%2F&name=_TDC94YTYGhCHYLbr&host=https%3A%2F%2Fmrproper.tk%2FJHZ1XJ
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.155.5 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
hmara69828.vds
Software
nginx /
Resource Hash
9f96cd778fbad0530deb972a4d3a9d2d03f9064e198dee2d48ebe74710cded3e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://unisvvap.store/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 09:01:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1355
Inter-roman.var.woff2
unisvvap.store/fonts/
292 KB
292 KB
Font
General
Full URL
https://unisvvap.store/fonts/Inter-roman.var.woff2
Requested by
Host: unisvvap.store
URL: https://unisvvap.store/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:112 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
05029490712ad5a909a96ceb8d97791a148ed63c86f7dba26903853733dd1917

Request headers

Referer
https://unisvvap.store/
Origin
https://unisvvap.store
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:01:36 GMT
last-modified
Tue, 14 Dec 2021 13:40:29 GMT
server
nginx
accept-ranges
bytes
content-length
299043
content-type
font/woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| _Jptdx5r9Fv7fxTH6
object| _C1F74PZ3yMJNv8YF
object| _TDC94YTYGhCHYLbr
function| $
function| jQuery
function| vib
object| _4mHVcT5kJ72RJFMV

2 Cookies

Domain/Path Name / Value
unlswap.store/ Name: _subid
Value: 359k8m21h
unlswap.store/ Name: 5bf00
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM3XCI6MTYzOTY0NTI5M30sXCJjYW1wYWlnbnNcIjp7XCIxOFwiOjE2Mzk2NDUyOTN9LFwidGltZVwiOjE2Mzk2NDUyOTN9In0.tqQnBenU489D_YXUkdoYLI2Oxnt41AOvw_LpPyswIPk

4 Console Messages

Source Level URL
Text
other warning URL: https://unisvvap.store/
Message:
Failed to decode downloaded font: https://unisvvap.store/fonts/Inter-roman.var.woff2
other warning URL: https://unisvvap.store/
Message:
OTS parsing error: invalid sfntVersion: 1008821359
other warning URL: https://unisvvap.store/
Message:
Failed to decode downloaded font: https://unisvvap.store/fonts/Inter-roman.var.woff2
other warning URL: https://unisvvap.store/
Message:
OTS parsing error: invalid sfntVersion: 1008821359