This is an FP.
Mind this however: Hardening Improvements
Protection
No website application firewall detected. Please install a cloud-based WAF to prevent website hacks and DDoS attacks.
Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'.
Missing security header to prevent Content Type sniffing.
Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
(source: sucuri dot net)
Here they slightly differ in opinion, but not fundamentally,
see:
https://urlscan.io/result/7268460b-71ae-4f2e-a7bb-1917e179f11f/Re:
https://sitereport.netcraft.com/?url=http://beta.swaap.financeAlso consider:
https://urlscan.io/search/#domain:%22api.coingecko.com%22(server Netlify uses Snyk as a security-plug-in)
Also see:
https://urlscan.io/result/fe7f15df-e091-40c8-8864-d186500ca609/Phishing against Uniswap, but not reaching a final verdict: Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
So do as avast's Milos proposes.
polonus