covid19info.info
Open in
urlscan Pro
185.199.111.153
Malicious Activity!
Public Scan
Effective URL: https://covid19info.info/
Submission: On May 25 via manual from RS — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 15th 2022. Valid for: 3 months.
This is the only time covid19info.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 185.199.111.153 185.199.111.153 | 54113 (FASTLY) (FASTLY) | |
3 | 2a00:1450:400... 2a00:1450:4001:801::200e | 15169 (GOOGLE) (GOOGLE) | |
9 | 2606:50c0:800... 2606:50c0:8000::154 | 54113 (FASTLY) (FASTLY) | |
2 | 76.76.21.21 76.76.21.21 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6812:b46 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3037::ac43:a40b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a05:d014:275... 2a05:d014:275:cb02:b2b8:b4ca:8518:7335 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 54.156.8.81 54.156.8.81 | 14618 (AMAZON-AES) (AMAZON-AES) | |
31 | 9 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
covid19info.info |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
www.gemini.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-8-81.compute-1.amazonaws.com
mainnet.infura.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4155 |
24 KB |
8 |
covid19info.info
1 redirects
covid19info.info |
1 MB |
4 |
infura.io
mainnet.infura.io — Cisco Umbrella Rank: 20870 |
526 B |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
2 |
gemini.com
www.gemini.com — Cisco Umbrella Rank: 77701 |
3 KB |
2 |
coingecko.com
tokens.coingecko.com — Cisco Umbrella Rank: 205404 |
581 KB |
2 |
tryroll.com
app.tryroll.com — Cisco Umbrella Rank: 374420 |
10 KB |
2 |
umaproject.org
umaproject.org — Cisco Umbrella Rank: 710473 |
4 KB |
31 | 8 |
Domain | Requested by | |
---|---|---|
9 | raw.githubusercontent.com |
covid19info.info
|
8 | covid19info.info |
1 redirects
covid19info.info
|
4 | mainnet.infura.io |
covid19info.info
|
3 | www.google-analytics.com |
covid19info.info
|
2 | www.gemini.com |
covid19info.info
|
2 | tokens.coingecko.com |
covid19info.info
|
2 | app.tryroll.com |
covid19info.info
|
2 | umaproject.org |
covid19info.info
|
31 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
info.uniswap.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
covid19info.info R3 |
2022-04-15 - 2022-07-14 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.github.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-07 - 2023-04-07 |
a year | crt.sh |
umaproject.org R3 |
2022-04-08 - 2022-07-07 |
3 months | crt.sh |
tryroll.com Cloudflare Inc ECC CA-3 |
2022-03-29 - 2023-03-28 |
a year | crt.sh |
*.tokens.coingecko.com E1 |
2022-05-22 - 2022-08-20 |
3 months | crt.sh |
www.gemini.com GlobalSign Extended Validation CA - SHA256 - G3 |
2022-01-25 - 2023-02-26 |
a year | crt.sh |
*.infura.io Amazon |
2022-01-28 - 2023-02-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://covid19info.info/
Frame ID: 125BFA794C6845AB9E545C352DC7100C
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Uniswap InterfacePage URL History Show full URLs
-
http://covid19info.info/
HTTP 301
https://covid19info.info/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Charts↗
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://covid19info.info/
HTTP 301
https://covid19info.info/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
covid19info.info/ Redirect Chain
|
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.2efb9cd0.chunk.css
covid19info.info/static/css/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.6ab7ddf6.chunk.js
covid19info.info/static/js/ |
3 MB 692 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.8c9924eb.chunk.js
covid19info.info/static/js/ |
1 MB 206 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-roman.var.b65534c5.woff2
covid19info.info/static/media/ |
222 KB 223 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17.f67ca092.chunk.js
covid19info.info/static/js/ |
41 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.4a50b488.svg
covid19info.info/static/media/ |
8 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compound.tokenlist.json
raw.githubusercontent.com/compound-finance/token-list/master/ |
25 KB 4 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uma.tokenlist.json
umaproject.org/ |
7 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
set.tokenlist.json
raw.githubusercontent.com/SetProtocol/uniswap-tokenlist/main/ |
19 KB 4 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opyn-v1.tokenlist.json
raw.githubusercontent.com/opynfinance/opyn-tokenlist/master/ |
14 B 111 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tokens.json
app.tryroll.com/ |
15 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.json
tokens.coingecko.com/uniswap/ |
1 MB 290 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.json
www.gemini.com/uniswap/ |
8 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ba-sec-list.json
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ |
8 KB 3 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ba-sec-list.json
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ |
8 KB 2 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
compound.tokenlist.json
raw.githubusercontent.com/compound-finance/token-list/master/ |
25 KB 4 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uma.tokenlist.json
umaproject.org/ |
7 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
set.tokenlist.json
raw.githubusercontent.com/SetProtocol/uniswap-tokenlist/main/ |
19 KB 4 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opyn-v1.tokenlist.json
raw.githubusercontent.com/opynfinance/opyn-tokenlist/master/ |
14 B 137 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tokens.json
app.tryroll.com/ |
15 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.json
tokens.coingecko.com/uniswap/ |
1 MB 291 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.json
www.gemini.com/uniswap/ |
8 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ba-sec-list.json
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ |
8 KB 2 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ |
90 B 263 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ |
90 B 263 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| webpackJsonp@uniswap/interface object| regeneratorRuntime function| setImmediate function| clearImmediate object| scCGSHMRCache object| _ethers string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.tryroll.com
covid19info.info
mainnet.infura.io
raw.githubusercontent.com
tokens.coingecko.com
umaproject.org
www.gemini.com
www.google-analytics.com
185.199.111.153
2606:4700:3037::ac43:a40b
2606:4700::6812:b46
2606:50c0:8000::154
2a00:1450:4001:801::200e
2a05:d014:275:cb02:b2b8:b4ca:8518:7335
54.156.8.81
76.76.21.21
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6
359a5363d6da68ca1ce2f7ef109155cb450126cf16280288b066ceaf9e23c4f1
387d63745f93a215fb6303c455cbec92c1f2b69a7b14ebc7f7eb0fe056fcdc19
3b5326fba8e660c3e317a1323bd7336a09713c9444cb2b94f8bb09944a8fd9b9
40beebc2ca31708bb9f5ed9f368ce17788d2dc35b8d0483052af57888dd267f1
414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997
5de030ef76d6ffd16a373be05fc227e2576d79ab75d53059ebd1ec1cfd37a314
70b6b98bad3a8e320db0051639b5d9103de2d14d662a16a4bdbb6d16b2caaccd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c651ab821ce5d08005443b6287a2922f431a92962b2a0018b4c5799a32bb438
91ba51abc68419a2a93c07c06f332dfc91125789ee799f0d936df0e29554af0f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2375505385b451d5950a3bc68722824f7d0a0f9d8018145b0a8930217c8f4c3
caaf327810f663d285a45ef78583a99ecf42b70b37baafbb352181bcafb838ff
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
d2d2d11234d0d74c0ed3e9727ef07ac8422cbd5b356296b0f87f679c9f74ce83
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
eab7ec96897229884c2ae4958ee4414afa00c9ae529e0674b90ab8ce9731950b
f34534c13f4659b8c81936b849eb0d3211ffc5d7de0d277fc2fe2328193bad89