uniswap-v2.tokenpocket.pro
36.250.245.35
Malicious Activity!
Public Scan
Submission: On December 23 via automatic, source openphish — Scanned from DE
Summary
This is the only time uniswap-v2.tokenpocket.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
8 | 36.250.245.35 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone) |
3 | 2a00:1450:4001:80f::200e | 15169 (GOOGLE) |
2 | 2606:4700::6812:b46 | 13335 (CLOUDFLARENET) |
2 | 185.199.108.133 | 54113 (FASTLY) |
2 | 3.64.200.242 | 16509 (AMAZON-02) |
2 | 76.76.21.21 | 16509 (AMAZON-02) |
4 | 54.242.116.230 | 14618 (AMAZON-AES) |
25 | 8 |
ASN | PTR | Domain |
---|---|---|
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN) | | uniswap-v2.tokenpocket.pro |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN54113 (FASTLY, US) | cdn-185-199-108-133.github.com | raw.githubusercontent.com |
ASN16509 (AMAZON-02, US) | ec2-3-64-200-242.eu-central-1.compute.amazonaws.com | defiprime.com |
ASN14618 (AMAZON-AES, US) | ec2-54-242-116-230.compute-1.amazonaws.com | mainnet.infura.io |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | tokenpocket.pro | uniswap-v2.tokenpocket.pro | 3 MB |
4 | infura.io | mainnet.infura.io | 540 B |
3 | google-analytics.com | www.google-analytics.com | 20 KB |
2 | umaproject.org | umaproject.org | 4 KB |
2 | defiprime.com | defiprime.com | 8 KB |
2 | githubusercontent.com | raw.githubusercontent.com | 8 KB |
2 | tryroll.com | app.tryroll.com | 10 KB |
0 | coingecko.com (Failed) | www.coingecko.com (Failed) | |
25 | 8 |
Requests | Domain | Requested by |
---|---|---|
8 | uniswap-v2.tokenpocket.pro | uniswap-v2.tokenpocket.pro |
4 | mainnet.infura.io | uniswap-v2.tokenpocket.pro |
3 | www.google-analytics.com | uniswap-v2.tokenpocket.pro, www.google-analytics.com |
2 | umaproject.org | uniswap-v2.tokenpocket.pro |
2 | defiprime.com | uniswap-v2.tokenpocket.pro |
2 | raw.githubusercontent.com | uniswap-v2.tokenpocket.pro |
2 | app.tryroll.com | uniswap-v2.tokenpocket.pro |
0 | www.coingecko.com (Failed) | uniswap-v2.tokenpocket.pro |
25 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
uniswap.info |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
*.tryroll.com | R3 | 2021-11-04 - 2022-02-02 | 3 months |
www.github.com | DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years |
*.defiprime.com | R3 | 2021-11-02 - 2022-01-31 | 3 months |
umaproject.org | R3 | 2021-11-25 - 2022-02-23 | 3 months |
*.infura.io | Amazon | 2021-02-27 - 2022-03-28 | a year |
This page contains 1 frames:
Primary Page:
http://uniswap-v2.tokenpocket.pro/
Frame ID: CD3375C3EDB01013CAE0D034035CEB5F
Requests: 24 HTTP requests in this frame
Page Title
Uniswap Interface
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Charts ↗
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | uniswap-v2.tokenpocket.pro/ | 4 KB | 4 KB | Document | text/html |
GET | H/1.1 | 4.f04942fe.chunk.css | uniswap-v2.tokenpocket.pro/static/css/ | 5 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | 4.292c8984.chunk.js | uniswap-v2.tokenpocket.pro/static/js/ | 2 MB | 2 MB | Script | application/javascript |
GET | H/1.1 | main.298eb568.chunk.js | uniswap-v2.tokenpocket.pro/static/js/ | 452 KB | 453 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H/1.1 | en.json | uniswap-v2.tokenpocket.pro/locales/ | 117 B | 570 B | XHR | application/json |
GET | | v_0_0_0.json | www.coingecko.com/tokens_list/uniswap/defi_100/ | 0 | 0 | | |
GET | H2 | tokens.json | app.tryroll.com/ | 15 KB | 5 KB | Fetch | application/json |
GET | H2 | compound.tokenlist.json | raw.githubusercontent.com/compound-finance/token-list/master/ | 25 KB | 4 KB | Fetch | text/plain |
GET | H2 | defiprime.tokenlist.json | defiprime.com/ | 18 KB | 4 KB | Fetch | application/json |
GET | H2 | uma.tokenlist.json | umaproject.org/ | 7 KB | 2 KB | Fetch | application/json |
GET | H/1.1 | en-US.json | uniswap-v2.tokenpocket.pro/locales/ | 117 B | 570 B | XHR | application/json |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 214 B | XHR | text/plain |
OPTIONS | H2 | 472c92d2f17f481588c92adc6629803b | mainnet.infura.io/v3/ | 0 | 0 | Preflight | |
POST | H2 | 472c92d2f17f481588c92adc6629803b | mainnet.infura.io/v3/ | 90 B | 270 B | Fetch | text/plain |
GET | H/1.1 | logo.742edb09.svg | uniswap-v2.tokenpocket.pro/static/media/ | 8 KB | 9 KB | Image | image/svg+xml |
GET | H/1.1 | Inter-roman.var.90e8f61d.woff2 | uniswap-v2.tokenpocket.pro/static/media/ | 0 | 0 | Font | application/json |
GET | | v_0_0_0.json | www.coingecko.com/tokens_list/uniswap/defi_100/ | 0 | 0 | | |
GET | H2 | tokens.json | app.tryroll.com/ | 15 KB | 5 KB | Fetch | application/json |
GET | H2 | compound.tokenlist.json | raw.githubusercontent.com/compound-finance/token-list/master/ | 25 KB | 4 KB | Fetch | text/plain |
GET | H2 | defiprime.tokenlist.json | defiprime.com/ | 18 KB | 4 KB | Fetch | application/json |
GET | H2 | uma.tokenlist.json | umaproject.org/ | 7 KB | 2 KB | Fetch | application/json |
GET | H3 | collect | www.google-analytics.com/ | 35 B | 55 B | Image | image/gif |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
POST | H2 | 472c92d2f17f481588c92adc6629803b | mainnet.infura.io/v3/ | 90 B | 270 B | Fetch | text/plain |
OPTIONS | H2 | 472c92d2f17f481588c92adc6629803b | mainnet.infura.io/v3/ | 0 | 0 | Preflight | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.coingecko.com
  URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json
- Domain: www.coingecko.com
  URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| webpackJsonp@uniswap/interface
- object| regeneratorRuntime
- function| setImmediate
- function| clearImmediate
- object| scCGSHMRCache
- object| _ethers
- string| GoogleAnalyticsObject
- function| ga
- object| google_tag_data
- object| gaplugins
- object| gaGlobal
- object| gaData

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tokenpocket.pro/ | | Name: _ga Value: GA1.2.1611997938.1640217725 |
.tokenpocket.pro/ | | Name: _gid Value: GA1.2.1305051829.1640217725 |
.tokenpocket.pro/ | | Name: _gat Value: 1 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.