# uniswapv2.bdagscan.xyz — SUSPICIOUS > PhishDestroy identifies uniswapv2.bdagscan.xyz as a brand-impersonation domain. Registered March 17, 2026 via HOSTINGER, it shows 0/95 VirusTotal detections. ## Summary PhishDestroy flagged uniswapv2.bdagscan.xyz under seed d0d073 as an active brand-impersonation scam targeting the Uniswap platform. The domain explicitly mimics Uniswap V2 branding (uniswapv2) while appending a deceptive subdomain (bdagscan.xyz) to create the illusion of an official analytics or scanning tool. This tactic is designed to trick users into connecting cryptocurrency wallets under the pretense of legitimate service, a common drainer-kit vector where stolen funds are immediately routed through privacy chains or mixers. No custom malware payloads were observed in sandbox analysis, suggesting reliance on social engineering rather than exploit kits. This domain exhibits several red flags confirmed by forensic review. Registration occurred on March 17, 2026, making it just days old at time of assessment. It resolves to IP 172.67.192.246, a shared address historically associated with short-lived, high-risk domains. The registrar is HOSTINGER operations, UAB—a legitimate provider often abused due to bulk registration capabilities and WHOIS privacy options. VirusTotal returned 0 detections out of 95 engines as of latest scan, indicating evasion of signature-based detection. No entry was found in Google Safe Browsing (GSB) database, and third-party blocklists showed zero listings across public feeds. These indicators suggest a newly deployed, low-profile attack infrastructure still under the radar. The domain remains active and is under ongoing investigation by PhishDestroy threat intelligence teams. Immediate response includes flagging the domain in PhishDestroy’s blocklists and notifying hosting provider HOSTINGER for takedown. Users are advised to avoid visiting uniswapv2.bdagscan.xyz entirely. Given the brand-impersonation nature and proximity to major DeFi platforms, the residual risk remains elevated until full deactivation. Users should verify official URLs via Uniswap’s verified channels and enable hardware wallet signing for high-value transactions to mitigate drainer-kit exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Uniswap ## Domain Intelligence - Registered: 2026-03-17 21:49:36 - Registrar: HOSTINGER operations, UAB - IP: 172.67.192.246 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/ad375cca-dfe8-465c-904b-3c6aa5816bdd - PhishDestroy: https://phishdestroy.io/domain/uniswapv2.bdagscan.xyz/ - LLM endpoint: https://phishdestroy.io/domain/uniswapv2.bdagscan.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/uniswapv2.bdagscan.xyz/ Last updated: 2026-03-28