mswap.bbd.sh Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mswap.bbd.sh/	3 KB 2 KB	650ms 589ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2099b0c9285fc7b610857f891e252a08f6c0e273b1614a1d6e2f74cd7e08d1df Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 882397c6c80466a0-AMS content-encoding br content-type text/html date Sat, 11 May 2024 16:37:19 GMT last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTgENyjYYUhblXNbQ6TY9CklBJ9p8BFVy0D%2BtlXt%2BmwX%2BsScfYHABHTqqnSXsyKeeJHs%2BatXutDC67N3nbU2e8%2F6r2otEgpFkcCLlwtbW46L9BC7rQdJ1wqIWNlN1gS0yP20VuW0KPf2Sj4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	4.f04942fe.chunk.css mswap.bbd.sh/static/css/	5 KB 1 KB	585ms 585ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-14d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUZQkGo9LxfxTupG3fY9OPB9NQ6PqWrxZIjo%2FfRnjI%2Bu3Z9iDiboa33Yy%2FTQSj0Yq226aD%2Fe2HDWruvrCorQw9Ybn9sl5S4LVX4u6VSCJFLhb3k18thzTWVWdGv97ebjP7tlcVYH%2F%2F%2FdaLE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 882397ca8d6e66a0-AMS alt-svc h3=":443"; ma=86400
GET H2	200	4.3a216566.chunk.js Show response mswap.bbd.sh/static/js/	1 MB 436 KB	1962ms 1962ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-17a0bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZ0gMZFAyLZBi%2F6kc8iPuj04qPh8NUB%2BBGYn4ezZ1%2Fm1H2kmWCQOOaAzYsOqArNgjonHh%2FYMJRQAtOBPHeakmoBjvyKSOpaPVh1I9HD%2F8yoiOTrqsxHrFcj9ntYxOpnwnXOYikGUOyl6szk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 882397ca8d7566a0-AMS alt-svc h3=":443"; ma=86400
GET H2	200	main.b8cbba3a.chunk.js Show response mswap.bbd.sh/static/js/	348 KB 92 KB	1712ms 1712ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:20 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-5701f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKw3ZgCCFYGq%2B3VfglUjSZbfu7D8pfQ0SvFDsNPrnpGiLYU91E5E1jCay%2BBImPxmyTDPX1EPa8DCidEGjC87vt1LcghF48z0Lid9P7%2BLc0OWaV2oZS6p0LYMl1ydYHPv%2BHHjqQl1uzhboyM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 882397ca8d7b66a0-AMS alt-svc h3=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	82ms 23ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 11 May 2024 16:07:49 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1772 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 11 May 2024 18:07:49 GMT
GET H3	200	en.json Show response mswap.bbd.sh/locales/	4 KB 2 KB	581ms 581ms	XHR application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/locales/en.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661 Request headers Referer https://mswap.bbd.sh/ X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:22 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 28 Sep 2023 09:51:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65154cac-10e1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nz%2Fy6Dj58rHIdfnCw3d%2FNmXfDYg1ShEh6zlTeSbIyDhxLNEft%2BUK3MDm7hzlQudK1uHOD3oLPcK9jmjxVt6w0Ax%2F92l35CULKRge2h1aETqC%2Bj2V6UOE45V5EF9sWMc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 882397d96ef366ca-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo.5827780d.svg mswap.bbd.sh/static/media/	7 KB 3 KB	593ms 593ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mswap.bbd.sh/static/media/logo.5827780d.svg Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:22 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-1b8c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZ8vUsGCmU2sSTeJk%2BfnZ5R4CUCvniECGRjHYd0cEH%2Fk5ZQJ4Ayt9j%2FS08AVnh7gKhusZZHoBEk%2F8qJKvt4wdiByDMUMflw1S1EtQzI80MOri7ioDir%2BjpQjzDsFa10%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 882397d96ef566ca-AMS alt-svc h3=":443"; ma=86400
GET H3	200	wordmark.b75565ae.svg mswap.bbd.sh/static/media/	107 KB 33 KB	1431ms 1431ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mswap.bbd.sh/static/media/wordmark.b75565ae.svg Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:22 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-1aa2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIJ7GTypRYu5riHy3bWDqhYmsUC2QnyvRLyc5qjEXak1szs6pN5c1aYYRpwLC2S0bApDn6xjfzFn9NgMUPg8UsdL2ousl2i%2BIovtmhzYddW91EPA0yZuvg0O2wfN3JE%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 882397d96ef666ca-AMS alt-svc h3=":443"; ma=86400
GET H3	404	en-US.json Show response mswap.bbd.sh/locales/	153 B 483 B	590ms 590ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/locales/en-US.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10174434dbe479c08b32ce3b42b70e7c6336647d29e4393483158d590d35c325 Request headers Referer https://mswap.bbd.sh/ X-Requested-With XMLHttpRequest Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fokMRzrfTvhtyVnNqTJT%2B1D59XJhW2AlnLmP4ucO6DAAd1qlcwPlb5hweOQKzGiaSFAvCL0oFIrIo3QqCwfTbm7dQyqIMcj0W3dWmZfMynPuGV4jWY93vohNVZo7faI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 882397d96ef766ca-AMS alt-svc h3=":443"; ma=86400
GET		v_0_0_0.json www.coingecko.com/tokens_list/uniswap/defi_100/	0 0
GET H2	200	tokens.json Show response app.tryroll.com/	16 KB 5 KB	440ms 381ms	Fetch application/json	2606:4700::6812:b46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.tryroll.com/tokens.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:21 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status MISS server cloudflare x-powered-by Express etag W/"3eb6-OAFBN9tVPwSG2RQGpeS8ljaPHHo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization cache-control public, max-age=14400 cf-ray 882397d9d9469f8d-AMS expires Sat, 11 May 2024 20:37:21 GMT
GET H2	200	compound.tokenlist.json Show response raw.githubusercontent.com/compound-finance/token-list/master/	25 KB 4 KB	169ms 131ms	Fetch text/plain	2606:50c0:8003::154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers x-fastly-request-id a6c9c6fd4bab3b862ae277e4cdb47218b50895a6 content-security-policy default-src 'none'; style-src 'unsafe-inline'; sandbox strict-transport-security max-age=31536000 x-content-type-options nosniff date Sat, 11 May 2024 16:37:21 GMT content-encoding gzip via 1.1 varnish x-cache MISS x-cache-hits 0 cross-origin-resource-policy cross-origin content-length 3844 x-xss-protection 1; mode=block x-served-by cache-ams21065-AMS x-github-request-id 3E3E:2BE62F:1BF555A:1D90511:663F9EC0 x-timer S1715445442.554402,VS0,VE116 etag W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec" source-age 0 x-frame-options deny vary Authorization,Accept-Encoding,Origin content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes expires Sat, 11 May 2024 16:42:21 GMT
GET H2	200	defiprime.tokenlist.json Show response defiprime.com/	22 KB 5 KB	157ms 76ms	Fetch application/json	2606:4700:3032::6815:50b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://defiprime.com/defiprime.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:50b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:21 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status DYNAMIC etag W/"71eba62dd22bd63240f25b886b8a0026" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kV5TNeFM3Zk2NcIRV6PWFl%2FneS6w%2Btori0y%2FxK1ZwXZYcUksz9RBWBIZsYFxRAA%2F1oOTt2weoISHLXU288PbgzoXtbusZQY2Qxdt7dXMYmYo%2BZ9QRcjzZqnltcqHQslma%2B3HSbkrk2RPdnw"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 882397d9fba29ff3-AMS alt-svc h3=":443"; ma=86400
GET		uma.tokenlist.json umaproject.org/	0 0
POST H2	403	099fc58e0de9451d80b18d7c74caa7c1 Show response mainnet.infura.io/v3/	90 B 261 B	100ms 100ms	Fetch text/plain	3.226.71.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.71.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-71-195.compute-1.amazonaws.com Software / Resource Hash 1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://mswap.bbd.sh/ Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 content-type application/json Response headers access-control-allow-origin https://mswap.bbd.sh date Sat, 11 May 2024 16:37:21 GMT x-content-type-options nosniff content-length 90 vary Origin, Accept-Encoding content-type text/plain; charset=utf-8
OPTIONS H2	200	099fc58e0de9451d80b18d7c74caa7c1 mainnet.infura.io/v3/	0 0	353ms 100ms	Preflight	3.226.71.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.71.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-71-195.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mswap.bbd.sh Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin https://mswap.bbd.sh access-control-max-age 86400 content-length 0 date Sat, 11 May 2024 16:37:21 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H3	200	Inter-roman.var.90e8f61d.woff2 mswap.bbd.sh/static/media/	221 KB 221 KB	1144ms 1143ms	Font font/woff2	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/media/Inter-roman.var.90e8f61d.woff2 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549 Request headers Referer https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Origin https://mswap.bbd.sh Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:23 GMT cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "651a63d9-37334" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iJ2Nflx%2BvPI%2BHo2KKdZQPHJ7cr%2BxwRr%2Fp0Ne074B4PCbpd%2FnVgTnVgdnrxsu5fprLLq4tlpukMWxDv1Dy7NB6otd2b4fL8ZYPhyveWinYSWOjugMUcGqhgWq1Y8XTM%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 882397dd2a2e66ca-AMS alt-svc h3=":443"; ma=86400 content-length 226100
GET		v_0_0_0.json www.coingecko.com/tokens_list/uniswap/defi_100/	0 0
GET H2	200	tokens.json Show response app.tryroll.com/	16 KB 0	0ms 0ms	Fetch application/json	2606:4700::6812:b46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.tryroll.com/tokens.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:21 GMT content-encoding gzip cf-cache-status MISS server cloudflare x-powered-by Express etag W/"3eb6-OAFBN9tVPwSG2RQGpeS8ljaPHHo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization cache-control public, max-age=14400 cf-ray 882397d9d9469f8d-AMS expires Sat, 11 May 2024 20:37:21 GMT
GET H2	200	compound.tokenlist.json Show response raw.githubusercontent.com/compound-finance/token-list/master/	25 KB 0	0ms 0ms	Fetch text/plain	2606:50c0:8003::154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers x-fastly-request-id a6c9c6fd4bab3b862ae277e4cdb47218b50895a6 content-security-policy default-src 'none'; style-src 'unsafe-inline'; sandbox content-encoding gzip x-content-type-options nosniff date Sat, 11 May 2024 16:37:21 GMT via 1.1 varnish x-cache-hits 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 3844 x-xss-protection 1; mode=block x-served-by cache-ams21065-AMS x-github-request-id 3E3E:2BE62F:1BF555A:1D90511:663F9EC0 x-timer S1715445442.554402,VS0,VE116 etag W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec" source-age 0 x-frame-options deny vary Authorization,Accept-Encoding,Origin content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes expires Sat, 11 May 2024 16:42:21 GMT
GET H2	200	defiprime.tokenlist.json Show response defiprime.com/	22 KB 279 B	33ms 32ms	Fetch application/json	2606:4700:3032::6815:50b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://defiprime.com/defiprime.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:50b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:22 GMT content-encoding br referrer-policy strict-origin-when-cross-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-content-type-options nosniff etag W/"71eba62dd22bd63240f25b886b8a0026" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fR3ItpYhu81uiM0tIxBJZNaHf6Zkw93bADyI6BDmKni6W%2FOosVGIVvEAvnNYylNOrZMVxwCimEqsbMKccTruRJOrYW2zOlv6Gug7IAzTbBya6YzEJ2YkkCV%2Fl485Axyc06shfZzJIKOpqYeW"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 882397dd7fb59ff3-AMS alt-svc h3=":443"; ma=86400
GET		uma.tokenlist.json umaproject.org/	0 0
POST H2	403	099fc58e0de9451d80b18d7c74caa7c1 Show response mainnet.infura.io/v3/	90 B 261 B	100ms 100ms	Fetch text/plain	3.226.71.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.71.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-71-195.compute-1.amazonaws.com Software / Resource Hash 1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://mswap.bbd.sh/ Accept-Language nl-NL,nl;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 content-type application/json Response headers access-control-allow-origin https://mswap.bbd.sh date Sat, 11 May 2024 16:37:22 GMT x-content-type-options nosniff content-length 90 vary Origin, Accept-Encoding content-type text/plain; charset=utf-8
GET H3	200	favicon.png mswap.bbd.sh/	7 KB 7 KB	582ms 582ms	Other image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64dbdcf0bf0488a0036b872f3fb9acb85c6354a661abeb54f57f85caf6400737 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 11 May 2024 16:37:24 GMT cf-cache-status MISS last-modified Thu, 28 Sep 2023 09:51:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65154cac-1ba0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aMltMmvbgpAX9ohLJd0tJ6A2dVJS7XHr%2BxnvAxZravn5eGtiT7%2F7cGEZQBgTekD%2BoBCOFDUxoFG8DP5LjQkpZWJLzpsseBrQOGMJeg2R7LzVxDTGBMPHLEK%2F%2FVV4DY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 882397e80b7d66ca-AMS alt-svc h3=":443"; ma=86400 content-length 7072

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.coingecko.com

URL

https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

Domain

umaproject.org

URL

https://umaproject.org/uma.tokenlist.json

Domain

www.coingecko.com

URL

https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

Domain

umaproject.org

URL

https://umaproject.org/uma.tokenlist.json

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp@uniswap/interface object| regeneratorRuntime function| setImmediate function| clearImmediate object| scCGSHMRCache string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bbd.sh/	1970-01-21 06:06:45	Name: _ga Value: GA1.2.73485722.1715445442
			.bbd.sh/	1970-01-20 20:32:11	Name: _gid Value: GA1.2.249882371.1715445442

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://umaproject.org/uma.tokenlist.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://umaproject.org/uma.tokenlist.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mswap.bbd.sh/locales/en-US.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://umaproject.org/uma.tokenlist.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://umaproject.org/uma.tokenlist.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.tryroll.com
defiprime.com
mainnet.infura.io
mswap.bbd.sh
raw.githubusercontent.com
umaproject.org
www.coingecko.com
www.google-analytics.com
umaproject.org
www.coingecko.com
188.114.97.3
2606:4700:3032::6815:50b7
2606:4700::6812:b46
2606:50c0:8003::154
2a00:1450:4001:803::200e
2a06:98c1:3120::3
3.226.71.195
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
10174434dbe479c08b32ce3b42b70e7c6336647d29e4393483158d590d35c325
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6
2099b0c9285fc7b610857f891e252a08f6c0e273b1614a1d6e2f74cd7e08d1df
414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997
64dbdcf0bf0488a0036b872f3fb9acb85c6354a661abeb54f57f85caf6400737
64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075
7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430
9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169
a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad
b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549
bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c
cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc
d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd