app.uniswap-ex.com Open in urlscan Pro
2606:4700:3031::681b:a10f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.uniswap-ex.com/#/swap
Effective URL:
https://app.uniswap-ex.com/
Submission: On August 17 via manual (August 17th 2020, 9:26:29 pm UTC) from GB

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3031::681b:a10f, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.uniswap-ex.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time app.uniswap-ex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::681b:a10f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3037::ac43:dd52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	7

9 2606:4700:3031::681b:a10f (United States)

ASN13335 (CLOUDFLARENET, US)

app.uniswap-ex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:dd52 (United States)

ASN13335 (CLOUDFLARENET, US)

uniswap-ex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	uniswap-ex.com app.uniswap-ex.com uniswap-ex.com	694 KB
3	unpkg.com 2 redirects unpkg.com	7 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	jquery.com code.jquery.com	83 KB
19	4

	Domain	Requested by
9	app.uniswap-ex.com	app.uniswap-ex.com
6	uniswap-ex.com	app.uniswap-ex.com
3	unpkg.com	2 redirects app.uniswap-ex.com
2	www.google-analytics.com	app.uniswap-ex.com
1	code.jquery.com	app.uniswap-ex.com
19	5

This site contains links to these domains. Also see Links.

Domain
etherscan.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.uniswap-ex.com/
Frame ID: C3CAC5DC0C38F9CA7A655D5998CD53FD
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

7
IPs

3
Countries

801 kB
Transfer

2377 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://etherscan.io/address/0x2DB3fBD2e6e0a0C06b352076e31dA43d327D5AE8
Title: (View on Etherscan)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://unpkg.com/@uniswap/default-token-list@latest HTTP 302
https://unpkg.com/@uniswap/default-token-list@1.3.0 HTTP 302
https://unpkg.com/@uniswap/default-token-list@1.3.0/build/uniswap-default.tokenlist.json

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.uniswap-ex.com/ 5 KB
3 KB 99ms
43ms Document
text/html 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: df6884f4191fe71a89aad874bd333d015783cf1460cdc0e6d323a4c336eca203

Request headers

:method: GET
:authority: app.uniswap-ex.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 17 Aug 2020 21:26:11 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=dac2479bebf40bfd33067c8100fb9a89b1597699571; expires=Wed, 16-Sep-20 21:26:11 GMT; path=/; domain=.uniswap-ex.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=qmpavpc9e14qb6439cgg2l5ob9; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
cf-request-id: 049fe9d84a00001f35a7357200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c4678d3ac771f35-FRA
content-encoding: br

GET
H2 200 4.f04942fe.chunk.css
app.uniswap-ex.com/static/css/ 5 KB
946 B 38ms
37ms Stylesheet
text/css 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/static/css/4.f04942fe.chunk.css
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:11 GMT
content-encoding: br
cf-cache-status: BYPASS
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9d87a00001f35a735b200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d3fd5c1f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 4.59c081e3.chunk.js Show response
app.uniswap-ex.com/static/js/ 1 MB
363 KB 149ms
148ms Script
application/x-javascript 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 51852dfd846bbc60fe1ed2d550a18ce445544e2cd6631abd6877a4b8ce073892

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:11 GMT
content-encoding: br
cf-cache-status: BYPASS
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9d87a00001f35a735c200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d3fd5e1f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 main.28887162.chunk.js Show response
app.uniswap-ex.com/static/js/ 301 KB
68 KB 85ms
85ms Script
application/x-javascript 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 2665a1d6c807c1fb3d4d8359fefb9bedc5772e758a4af2b813ac43c8f36779ab

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:11 GMT
content-encoding: br
cf-cache-status: BYPASS
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9d87a00001f35a735d200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d3fd611f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery-3.5.1.js Show response
code.jquery.com/ 281 KB
83 KB 26ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.js
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:11 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
status: 200
etag: W/"5eb09f0f-4638e"
vary: Accept-Encoding
x-hw: 1597699571.dop052.fr8.t,1597699571.cds204.fr8.hn,1597699571.cds234.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84374

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 632
date: Mon, 17 Aug 2020 21:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 17 Aug 2020 23:15:40 GMT

GET
H2 200 en.json Show response
app.uniswap-ex.com/locales/ 4 KB
2 KB 280ms
279ms XHR
application/json 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/locales/en.json
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 17 Aug 2020 21:26:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9da0e00001f35a7373200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d67acf1f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo.5827780d.svg
app.uniswap-ex.com/static/media/ 7 KB
3 KB 315ms
314ms Image
image/svg+xml 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.uniswap-ex.com/static/media/logo.5827780d.svg
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:12 GMT
content-encoding: br
cf-cache-status: BYPASS
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9da1c00001f35a7374200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d69af21f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wordmark.b75565ae.svg
app.uniswap-ex.com/static/media/ 107 KB
32 KB 726ms
726ms Image
image/svg+xml 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.uniswap-ex.com/static/media/wordmark.b75565ae.svg
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:12 GMT
content-encoding: br
cf-cache-status: BYPASS
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9da1d00001f35a7375200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d69af71f35-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

uniswap-default.tokenlist.json Show response
unpkg.com/@uniswap/default-token-list@1.3.0/build/
Redirect Chain

https://unpkg.com/@uniswap/default-token-list@latest
https://unpkg.com/@uniswap/default-token-list@1.3.0
https://unpkg.com/@uniswap/default-token-list@1.3.0/build/uniswap-default.tokenlist.json

43 KB
6 KB

16ms
16ms

Fetch
application/json

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@uniswap/default-token-list@1.3.0/build/uniswap-default.tokenlist.json

Requested by

Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52db8c43e4cc4f8ce0a07687d865ee2e76271f5d89602bd2978f95d3fcdce51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275796
status: 200
vary: Accept-Encoding
cf-request-id: 049fe9da790000beb537a0f200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"acf8-RGcdmcI17NSJp8D6OSxkjpSVjCY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 42580d04b41be6c7e10c31da4bfffccd
cache-control: public, max-age=31536000
cf-ray: 5c4678d72d85beb5-FRA

Redirect headers

date: Mon, 17 Aug 2020 21:26:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275796
status: 302
vary: Accept, Accept-Encoding
content-length: 93
cf-request-id: 049fe9da680000beb537a0e200000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /@uniswap/default-token-list@1.3.0/build/uniswap-default.tokenlist.json
x-cloud-trace-context: 1e7aa1a296f176dfe96d33cc3e44eb2a
cache-control: public, max-age=31536000
cf-ray: 5c4678d70d75beb5-FRA

GET
H2 200 en-US.json Show response
app.uniswap-ex.com/locales/ 141 B
208 B 678ms
678ms XHR
application/json 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/locales/en-US.json
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: a3ba162b7162c6ecb86913d5d1dc5877b5c27599249a958203646c758aca58d8

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 21:26:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678d6cb511f35-FRA
access-control-allow-headers: *
cf-request-id: 049fe9da3800001f35a7377200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/r/ 35 B
79 B 14ms
14ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=622165385&t=pageview&_s=1&dl=https%3A%2F%2Fapp.uniswap-ex.com%2F&dp=%2Fswap&ul=en-us&de=UTF-8&dt=Uniswap%20Interface&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1549872527&gjid=1207841917&cid=1395507122.1597699572&tid=UA-128182339-4&_gid=851117668.1597699572&_r=1&z=1795731181

Requested by

Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 21:26:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Inter-roman.var.90e8f61d.woff2
app.uniswap-ex.com/static/media/ 221 KB
221 KB 43ms
43ms Font
font/woff2 2606:4700:3031::681b:a10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uniswap-ex.com/static/media/Inter-roman.var.90e8f61d.woff2
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/css/4.f04942fe.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash

Request headers

Origin: https://app.uniswap-ex.com
Referer: https://app.uniswap-ex.com/static/css/4.f04942fe.chunk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 21:26:13 GMT
cf-cache-status: BYPASS
server: cloudflare
status: 200
x-powered-by: PHP/7.4.9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678db0c651f35-FRA
access-control-allow-headers: *
cf-request-id: 049fe9dce200001f35a739f200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c483324a4e9881deadeb8735ad86dbbecc5942b5b1be22973ce6dd6c0b7f73a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 099fc58e0de9451d80b18d7c74caa7c1 Show response
uniswap-ex.com/infura/v3/ 561 B
213 B 709ms
709ms Fetch
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: ce9f7a07a138bd500a34316c7c8b2af7be6cc7fe0a92ce518ed9ebd0019921f8

Request headers

accept: application/json
Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Aug 2020 21:26:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9e03e000016eee92df200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678e06a2016ee-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
uniswap-ex.com/infura/v3/ 0
0 602ms
572ms Other
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.uniswap-ex.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 17 Aug 2020 21:26:13 GMT
content-type: application/json
content-length: 19
x-powered-by: PHP/7.4.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
cf-request-id: 049fe9de02000016eee92a5200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c4678dcd8d916ee-FRA

POST
H2 200 099fc58e0de9451d80b18d7c74caa7c1 Show response
uniswap-ex.com/infura/v3/ 414 B
328 B 643ms
642ms Fetch
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 221d598f11d192c600e9ac1852cf5d4942da0f43eebc2dd69922edcccd386381

Request headers

accept: application/json
Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 17 Aug 2020 21:26:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678e0aaaa16ee-FRA
access-control-allow-headers: *
cf-request-id: 049fe9e068000016eee92e2200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
uniswap-ex.com/infura/v3/ 0
0 590ms
589ms Other
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.uniswap-ex.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 17 Aug 2020 21:26:13 GMT
content-type: application/json
content-length: 19
x-powered-by: PHP/7.4.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
cf-request-id: 049fe9de1a000016eee92a8200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c4678dcf94316ee-FRA

POST
H2 200 099fc58e0de9451d80b18d7c74caa7c1 Show response
uniswap-ex.com/infura/v3/ 5 KB
705 B 697ms
696ms Fetch
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Requested by: Host: app.uniswap-ex.com
URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: d0727c1b3fd674fda41edd0932166ce078847938ca731e87073fa4f804fb2c00

Request headers

accept: application/json
Referer: https://app.uniswap-ex.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Aug 2020 21:26:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.9
status: 200
cf-request-id: 049fe9e5f7000016eee9342200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c4678e98f0916ee-FRA
access-control-allow-headers: *
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
uniswap-ex.com/infura/v3/ 0
0 494ms
494ms Other
application/json 2606:4700:3037::ac43:dd52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uniswap-ex.com/infura/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Server: 2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.uniswap-ex.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 17 Aug 2020 21:26:15 GMT
content-type: application/json
content-length: 19
x-powered-by: PHP/7.4.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
cf-request-id: 049fe9e409000016eee931a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c4678e6785416ee-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uniswap-ex.com/	1970-01-19 11:49:45	Name: _gid Value: GA1.2.851117668.1597699572
.uniswap-ex.com/	1970-01-20 05:19:31	Name: _ga Value: GA1.2.1395507122.1597699572
app.uniswap-ex.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qmpavpc9e14qb6439cgg2l5ob9
.uniswap-ex.com/	1970-01-19 11:48:19	Name: _gat Value: 1
.uniswap-ex.com/	1970-01-19 12:31:31	Name: __cfduid Value: dac2479bebf40bfd33067c8100fb9a89b1597699571

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js(Line 2) Message: [Redux-LocalStorage-Simple] Invalid load 'redux_localstorage_simple_user' provided. Check your 'states' in 'load()'. If this is your first time running this app you may see this message. To disable it in future use the 'disableWarnings' flag, see documentation.
console-api	warning	URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js(Line 2) Message: [Redux-LocalStorage-Simple] Invalid load 'redux_localstorage_simple_transactions' provided. Check your 'states' in 'load()'. If this is your first time running this app you may see this message. To disable it in future use the 'disableWarnings' flag, see documentation.
console-api	warning	URL: https://app.uniswap-ex.com/static/js/4.59c081e3.chunk.js(Line 2) Message: [Redux-LocalStorage-Simple] Invalid load 'redux_localstorage_simple_lists' provided. Check your 'states' in 'load()'. If this is your first time running this app you may see this message. To disable it in future use the 'disableWarnings' flag, see documentation.
console-api	debug	URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js(Line 1) Message: Clearing batch [object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api	debug	URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js(Line 1) Message: Clearing batch [object Object],[object Object],[object Object],[object Object]
console-api	debug	URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js(Line 1) Message: Fetching chunk [object Object] [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object] 10679957
console-api	debug	URL: https://app.uniswap-ex.com/static/js/main.28887162.chunk.js(Line 1) Message: Clearing batch [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.uniswap-ex.com
code.jquery.com
uniswap-ex.com
unpkg.com
www.google-analytics.com
2001:4de0:ac19::1:b:3a
2606:4700:3031::681b:a10f
2606:4700:3037::ac43:dd52
2606:4700::6810:7baf
2a00:1450:4001:814::200e
2a00:1450:4001:816::200e
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
221d598f11d192c600e9ac1852cf5d4942da0f43eebc2dd69922edcccd386381
2665a1d6c807c1fb3d4d8359fefb9bedc5772e758a4af2b813ac43c8f36779ab
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
51852dfd846bbc60fe1ed2d550a18ce445544e2cd6631abd6877a4b8ce073892
52db8c43e4cc4f8ce0a07687d865ee2e76271f5d89602bd2978f95d3fcdce51c
7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a3ba162b7162c6ecb86913d5d1dc5877b5c27599249a958203646c758aca58d8
a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad
bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c
c483324a4e9881deadeb8735ad86dbbecc5942b5b1be22973ce6dd6c0b7f73a2
ce9f7a07a138bd500a34316c7c8b2af7be6cc7fe0a92ce518ed9ebd0019921f8
d0727c1b3fd674fda41edd0932166ce078847938ca731e87073fa4f804fb2c00
df6884f4191fe71a89aad874bd333d015783cf1460cdc0e6d323a4c336eca203
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

app.uniswap-ex.com Open in urlscan Pro 2606:4700:3031::681b:a10f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

100 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

7 IPs

3 Countries

801 kBTransfer

2377 kBSize

5 Cookies

1 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

5 Cookies

7 Console Messages

Indicators

app.uniswap-ex.com Open in urlscan Pro
2606:4700:3031::681b:a10f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

7
IPs

3
Countries

801 kB
Transfer

2377 kB
Size

5
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!