app.retherswap.org (172.67.71.183)
Public Scan: Malicious Activity!
Effective URL: https://app.retherswap.org/0.6538720413422834
Submission: On August 22 via api from US — Scanned from IT
Summary
TLS certificate: Issued by E5 on August 4th 2024. Valid for: 3 months.
This is the only time app.retherswap.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange), Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
25 | 172.67.71.183 | 13335 (CLOUDFLARENET) |
1 | 185.199.108.133 | 54113 (FASTLY, US), PTR: cdn-185-199-108-133.github.com (raw.githubusercontent.com) |
30 (total) | 3 | |

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
25 | retherswap.org (1 redirect) | app.retherswap.org, api.retherswap.org (Failed), rpc.retherswap.org (Failed) | 2 MB |
1 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 3512) | 8 KB |
30 (total) | 2 | | |

Requests | Domain | Requested by |
---|---|---|
24 | app.retherswap.org (1 redirect) | app.retherswap.org |
1 | rpc.retherswap.org | app.retherswap.org |
1 | raw.githubusercontent.com | |
0 | api.retherswap.org (Failed) | app.retherswap.org |
30 (total) | 4 | |

This site contains links to these domains. Also see Links.
Domain |
---|
retherswap.org |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
app.retherswap.org | E5 | 2024-08-04 - 2024-11-02 | 3 months | crt.sh |
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year | crt.sh |
retherswap.org | WE1 | 2024-08-04 - 2024-11-02 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page: https://app.retherswap.org/0.6538720413422834
Frame ID: 65DD0E1745E372D8CCF209E47858AD38
Requests: 30 HTTP requests in this frame
Screenshot
Page Title: Retherswap Labs
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://app.retherswap.org/0.6538720413422834 (HTTP 307) -> https://app.retherswap.org/0.6538720413422834 (Page URL)
- https://app.retherswap.org/cdn-cgi/phish-bypass?atok=5x3j0xic9_18Ffg3GgNwt4Ir2hgOjXYVkFz6qyvyrTA-1724290599-0.0.1.1-%2F0.6538720413422834 (HTTP 301) -> https://app.retherswap.org/0.6538720413422834 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://app.retherswap.org/0.6538720413422834 (HTTP 307)
- https://app.retherswap.org/0.6538720413422834
30 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | 0.6538720413422834 | app.retherswap.org/ | 4 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H2 | cf.errors.css | app.retherswap.org/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | icon-exclamation.png | app.retherswap.org/cdn-cgi/images/ | 452 B | 540 B | Image | image/png | |
GET | H2 | favicon.ico | app.retherswap.org/ | 3 KB | 2 KB | Other | text/html | |
GET | H2 | 0.6538720413422834 | app.retherswap.org/ | 3 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | 3.4f871c3a.chunk.css | app.retherswap.org/static/css/ | 19 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | main.d79df18c.chunk.css | app.retherswap.org/static/css/ | 90 B | 415 B | Stylesheet | text/css | |
GET | H2 | 3.fec0e185.chunk.js | app.retherswap.org/static/js/ | 3 MB | 920 KB | Script | application/javascript | |
GET | H2 | main.29f40c40.chunk.js | app.retherswap.org/static/js/ | 531 KB | 151 KB | Script | application/javascript | |
GET | | / | api.retherswap.org/socket.io/ | 0 | 0 | | | Failed |
GET | H2 | en.json | app.retherswap.org/locales/ | 4 KB | 2 KB | XHR | application/json | |
GET | H2 | logo.c090b36d.svg | app.retherswap.org/static/media/ | 408 KB | 305 KB | Image | image/svg+xml | |
GET | H2 | en-US.json | app.retherswap.org/locales/ | 3 KB | 2 KB | XHR | text/html | |
GET | H2 | favicon.png | app.retherswap.org/ | 7 KB | 8 KB | Other | image/png | |
GET | H2 | Inter-Medium.75db5319.woff2 | app.retherswap.org/static/media/ | 103 KB | 104 KB | Font | font/woff2 | |
GET | H2 | Inter-Regular.dc131113.woff2 | app.retherswap.org/static/media/ | 97 KB | 97 KB | Font | font/woff2 | |
GET | H2 | Hypra_trans-logo.db163edf.png | app.retherswap.org/static/media/ | 103 KB | 103 KB | Image | image/png | |
GET | H2 | logo.png | raw.githubusercontent.com/Retherswap/default-token-list/main/supported_chains/hypra/0xCf52025D37f68dEdA9ef8307Ba4474eCbf15C33c/ | 7 KB | 8 KB | Image | image/png | |
GET | H2 | hypra.5e143fde.png | app.retherswap.org/static/media/ | 130 KB | 131 KB | Image | image/png | |
GET | H2 | polygon_trans-logo.9fc6b246.png | app.retherswap.org/static/media/ | 35 KB | 36 KB | Image | image/png | |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | data: URL |
GET | H2 | bnb_trans-logo.390506f1.png | app.retherswap.org/static/media/ | 27 KB | 27 KB | Image | image/png | |
GET | H2 | usdr.6602ff26.png | app.retherswap.org/static/media/ | 127 KB | 127 KB | Image | image/png | |
GET | H2 | Inter-ExtraBold.37da9eec.woff2 | app.retherswap.org/static/media/ | 104 KB | 104 KB | Font | font/woff2 | |
GET | H2 | Inter-SemiBold.007ad31a.woff2 | app.retherswap.org/static/media/ | 103 KB | 104 KB | Font | font/woff2 | |
GET | | latest | api.retherswap.org/api/v1/pair_transactions/ | 0 | 0 | | | Failed |
GET | | app_infos | api.retherswap.org/api/v1/ | 0 | 0 | | | Failed |
POST | | / | rpc.retherswap.org/ | 0 | 0 | | | Failed |
OPTIONS | H2 | / | rpc.retherswap.org/ | 0 | 0 | Preflight | text/html | |
GET | H2 | favicon.png | app.retherswap.org/ | 7 KB | 0 | Other | image/png | |
GET | | / | api.retherswap.org/socket.io/ | 0 | 0 | | | Failed |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- api.retherswap.org: https://api.retherswap.org/socket.io/?EIO=4&transport=polling&t=P5tkgFi
- api.retherswap.org: https://api.retherswap.org/api/v1/pair_transactions/latest
- api.retherswap.org: https://api.retherswap.org/api/v1/app_infos
- rpc.retherswap.org: https://rpc.retherswap.org/
- api.retherswap.org: https://api.retherswap.org/socket.io/?EIO=4&transport=polling&t=P5tkjBi
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange), Generic Cloudflare (Online)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: webpackJsonpname
- function: setImmediate
- function: clearImmediate
- object: _ethers
- object: TreemapSquared
- function: SVG
- object: Apex
- function: ApexCharts
- object: TradingView
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.app.retherswap.org/ | | __cf_mw_byp | 5x3j0xic9_18Ffg3GgNwt4Ir2hgOjXYVkFz6qyvyrTA-1724290599-0.0.1.1-/0.6538720413422834 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
(The individual console messages were not captured in this export.)
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.