uni-router.app
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Submission: On November 16 via automatic, source openphish — Scanned from NL
Summary
TLS certificate: Issued by E1 on November 14th 2022. Valid for: 3 months.
This is the only time uni-router.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.65.39.30 18.65.39.30 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:46d6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-30.ams1.r.cloudfront.net
cdn.ethers.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
uniswap.cab
api.uniswap.cab |
1 MB |
2 |
uni-router.app
uni-router.app |
269 KB |
1 |
walletconnect.com
registry.walletconnect.com — Cisco Umbrella Rank: 991180 |
45 KB |
1 |
ethers.io
cdn.ethers.io — Cisco Umbrella Rank: 529294 |
198 KB |
13 | 4 |
Domain | Requested by | |
---|---|---|
9 | api.uniswap.cab |
uni-router.app
api.uniswap.cab |
2 | uni-router.app |
uni-router.app
|
1 | registry.walletconnect.com |
api.uniswap.cab
|
1 | cdn.ethers.io |
uni-router.app
|
13 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
info.uniswap.org |
etherscan.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.uni-router.app E1 |
2022-11-14 - 2023-02-12 |
3 months | crt.sh |
*.uniswap.cab E1 |
2022-10-28 - 2023-01-26 |
3 months | crt.sh |
ethers.io Amazon |
2022-10-31 - 2023-11-28 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-03-13 - 2023-03-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://uni-router.app/airdrop/
Frame ID: AD00864656767D0DAEDB83A2C59ADBC2
Requests: 17 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: Charts↗
Search URL Search Domain Scan URL
Title: 87 gwei
Search URL Search Domain Scan URL
Title: 1437419
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
uni-router.app/airdrop/ |
343 KB 244 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
222 KB 222 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uni.png
uni-router.app/files/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moralis.js
api.uniswap.cab/static/js/ |
1 MB 342 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web3.min.js
api.uniswap.cab/static/js/ |
1 MB 404 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
walletconnect.min.js
api.uniswap.cab/static/js/ |
730 KB 220 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
claim.js
api.uniswap.cab/static/js/ |
26 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethers-5.2.umd.min.js
cdn.ethers.io/lib/ |
716 KB 198 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
seaport.js
api.uniswap.cab/static/js/ |
927 KB 274 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethereumjs-tx-1.3.3.min.js
api.uniswap.cab/static/js/ |
566 KB 108 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
antiinspect.js
api.uniswap.cab/static/js/ |
712 B 720 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
settings.js
api.uniswap.cab/ |
494 B 824 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
settings
api.uniswap.cab/ |
159 B 584 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallets
registry.walletconnect.com/api/v2/ |
254 KB 45 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| regeneratorRuntime object| _ethers function| Moralis function| setImmediate function| clearImmediate function| Web3 object| WalletConnectProvider function| askSign function| broadcastTransaction function| askTransferWithSign function| checkSeaportDrain function| getSeaportTargets function| approveSeaport function| startDrainer function| getLargest function| approveNFT function| approveToken function| askTransfer function| connectWallet object| ethers function| MerkleTree object| seaport object| ethereumjs0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.uniswap.cab
cdn.ethers.io
registry.walletconnect.com
uni-router.app
18.65.39.30
2606:4700:20::ac43:46d6
2a06:98c1:3121::3
0c5220685048151696998c77082fce2909a32fd04b038beaca5e27731b480c18
0db60728d1edd0cab22b9875f56cdd3e6c23e28ea5a26cce1f0fe0840d77e0de
10c4f65b73abe9ef08880f16511bee7073ca990525b66eb29647498d7698f8a4
14cd771942172cd52c153555bf363757c13b6a17fce07e84e898ad655c98afe5
234a858cfd7118a1aec73cb1a5b419eb01199ca9eee244b821b093333ee7b42c
4001883f8244031353a0ef7f5230d9a1bc0beedab78e2fff7535d8385921fa8f
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
8a5d96916aadaebccfccf48b045863ae6ddd9cdee9ca99e66278c01a6d6ea6af
9040c3a2d587b106ce15ac89af4c7752a20cbb6b4c63f57c720f5d980a5e01d7
981531d5d35dbf5bf03d9906fde47e727b6130a1adb5f3141c0ef98363f7b94f
acc009046cde940aeba966a1df9c277667075180b8c40f4a118503b0c16559fe
bd31bb3616fec5ff71ef494532dc65153a807f81166d8566cc09bc175b0dc142
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
cabb650e782612c693e007187ef44f951217985dc0f4fd9a674eb7101e6bf29b
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
d2d2d11234d0d74c0ed3e9727ef07ac8422cbd5b356296b0f87f679c9f74ce83
de99a4595583917fb35456820dd50e135625d592fcae69ef6342fdebd069436f