mswap.bbd.sh Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mswap.bbd.sh/	3 KB 2 KB	650ms 591ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2099b0c9285fc7b610857f891e252a08f6c0e273b1614a1d6e2f74cd7e08d1df Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86fa52314a2d5c3d-AMS content-encoding br content-type text/html date Fri, 05 Apr 2024 14:45:18 GMT last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mf8IU3HGh1tk03yoVcgSxLRfnb6ZSf8Ev91h36sKhb5LIhzzuC4mWFhW%2FSalVUAZJJHLYn0Gc0yhwGNJlLkEccCVoKtMViok6mckS48zdgEB9jMOBMA6EF%2FFr24C1nCjmeHLFmHRra5tR%2Bs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	4.f04942fe.chunk.css mswap.bbd.sh/static/css/	5 KB 1 KB	593ms 593ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430 Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:18 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-14d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KI5M%2FYliJRc30yYMH%2BmXUczlEItNh4dDOgDHUpZcWpez1EE1S6D2iKWpcCOcJa1jJzoBcDMwZGzqlX3bCXiaryoWxO03zr8hNbUcw3klDgSOXzyZ7DSg2WJF7qeVxN4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 86fa5235091c9f63-AMS alt-svc h3=":443"; ma=86400
GET H3	200	4.3a216566.chunk.js Show response mswap.bbd.sh/static/js/	1 MB 436 KB	1962ms 1961ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:20 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-17a0bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXy66LLuc8n7cX54IjECG9CKlgJt%2B3tfTUZJFC6bQQVuZLahSodrcnTPX6OW7Ke9fLgWrWdCqjOCyDOhYeQYrcAJMj7FurmAe9OhkmFfGuf%2BaLx5eZbA%2F1yibodTC7o%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 86fa5235091e9f63-AMS alt-svc h3=":443"; ma=86400
GET H3	200	main.b8cbba3a.chunk.js Show response mswap.bbd.sh/static/js/	348 KB 92 KB	1688ms 1688ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169 Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:19 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-5701f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFrl%2B1LouSb1dZ%2BKx%2F7aeso6HjHsKjcCrrs3nmkCChM7Pem2IqXZiUwJZhRdLRmqBcel8Z8rvcj2HcF%2F4wdDoH7kZKupa%2BZOEO%2BO5sCND10ThDiXFdd60q%2BCAFM2Wow%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 86fa5235091f9f63-AMS alt-svc h3=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	66ms 18ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 05 Apr 2024 13:38:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3998 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 05 Apr 2024 15:38:42 GMT
GET H3	200	en.json Show response mswap.bbd.sh/locales/	4 KB 2 KB	574ms 574ms	XHR application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/locales/en.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661 Request headers Referer https://mswap.bbd.sh/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 28 Sep 2023 09:51:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65154cac-10e1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfU%2BTE%2F4xrucAAKFvACSoimmKYGyypHnlZyecmYjqSDkE0yPKJMHuvVc%2FZRCcmVUD4zS5LjXe0yjZbxhpTNFjSJtJavV32%2F3Ebgnz8VspC3kjiSiYwj0ROzwQL7RT5M%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 86fa5243f9139f63-AMS alt-svc h3=":443"; ma=86400
GET H3	200	logo.5827780d.svg mswap.bbd.sh/static/media/	7 KB 3 KB	587ms 587ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mswap.bbd.sh/static/media/logo.5827780d.svg Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-1b8c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71FVSYsWy2lNzieDdu8S%2FggLlnjBEx%2F2UE74%2BOpVoW%2BLr4vO60oDri7j54Mr3P9BZJV7MV4cFIlReGdmk4EBvoCgX6b2bRT8K78Q4%2Bw7MsgciTHYFx1VxgdtQv13SSs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 86fa5243f9159f63-AMS alt-svc h3=":443"; ma=86400
GET H3	200	wordmark.b75565ae.svg mswap.bbd.sh/static/media/	107 KB 33 KB	1409ms 1409ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mswap.bbd.sh/static/media/wordmark.b75565ae.svg Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:22 GMT content-encoding br cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651a63d9-1aa2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLYH%2Bj6sO789PNTtXM5bJN2vZnxjh8C2JznK9tTUXEzJuJmsLEDqmvK6qaPB5YGdiS7eTEpIGNsoE8kB%2FOZk3APvkBZ3X5jc2%2FMPFy81ZGDXoizg3u%2FkIBUFmwfPK7g%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 86fa5243f9169f63-AMS alt-svc h3=":443"; ma=86400
GET H3	404	en-US.json Show response mswap.bbd.sh/locales/	153 B 489 B	580ms 579ms	XHR text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/locales/en-US.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/4.3a216566.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10174434dbe479c08b32ce3b42b70e7c6336647d29e4393483158d590d35c325 Request headers Referer https://mswap.bbd.sh/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWB9PVSEltwbc1gC3Xoreiq08BEQX18DwHlQO%2BNMIasAC4HhHgEvHd%2BP%2FBZ6ABuHqXn6XXLdVGDYaJDZUiwoRC3GFMmmCRdPmXSGcaT5qIz7Xtjpnl3HNwQ4kROCE3Y%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 86fa5243f9189f63-AMS alt-svc h3=":443"; ma=86400
GET		v_0_0_0.json www.coingecko.com/tokens_list/uniswap/defi_100/	0 0
GET H2	200	tokens.json Show response app.tryroll.com/	16 KB 5 KB	486ms 444ms	Fetch application/json	2606:4700::6812:b46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.tryroll.com/tokens.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status MISS server cloudflare x-powered-by Express etag W/"3eb6-OAFBN9tVPwSG2RQGpeS8ljaPHHo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization cache-control public, max-age=14400 cf-ray 86fa5244481e9fc4-AMS expires Fri, 05 Apr 2024 18:45:21 GMT
GET H2	200	compound.tokenlist.json Show response raw.githubusercontent.com/compound-finance/token-list/master/	25 KB 4 KB	298ms 183ms	Fetch text/plain	2606:50c0:8001::154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers x-fastly-request-id d65d4883a175b3211220e39927eebde6f75b5c37 content-security-policy default-src 'none'; style-src 'unsafe-inline'; sandbox strict-transport-security max-age=31536000 x-content-type-options nosniff date Fri, 05 Apr 2024 14:45:20 GMT content-encoding gzip via 1.1 varnish x-cache MISS x-cache-hits 0 cross-origin-resource-policy cross-origin content-length 3844 x-xss-protection 1; mode=block x-served-by cache-mad2200090-MAD x-github-request-id A75A:35B2D7:3333EB1:3566437:66100E7B x-timer S1712328321.785395,VS0,VE125 etag W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec" source-age 0 x-frame-options deny vary Authorization,Accept-Encoding,Origin content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes expires Fri, 05 Apr 2024 14:50:20 GMT
GET H3	200	defiprime.tokenlist.json Show response defiprime.com/	22 KB 5 KB	147ms 103ms	Fetch application/json	172.67.153.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://defiprime.com/defiprime.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:20 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status DYNAMIC etag W/"71eba62dd22bd63240f25b886b8a0026" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFVOvNYtF2cocRQ%2BUnKzRN44btac9SLoaoeJksynNU1vi1L5xQMdiQBv1bk8IC%2FRdAw1%2BlJ3x%2BbNKn21n0xVmItgEcs4KBSzSnZkkahJQ6IROhUE3YITDIFFjBgEHOTv"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 86fa52444fe866bc-AMS alt-svc h3=":443"; ma=86400
GET		uma.tokenlist.json umaproject.org/	0 0
POST H2	403	099fc58e0de9451d80b18d7c74caa7c1 Show response mainnet.infura.io/v3/	90 B 261 B	100ms 99ms	Fetch text/plain	54.88.7.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.88.7.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-88-7-149.compute-1.amazonaws.com Software / Resource Hash 1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://mswap.bbd.sh/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 content-type application/json Response headers access-control-allow-origin https://mswap.bbd.sh date Fri, 05 Apr 2024 14:45:21 GMT x-content-type-options nosniff content-length 90 vary Origin, Accept-Encoding content-type text/plain; charset=utf-8
OPTIONS H2	200	099fc58e0de9451d80b18d7c74caa7c1 mainnet.infura.io/v3/	0 0	324ms 104ms	Preflight	54.88.7.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.88.7.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-88-7-149.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mswap.bbd.sh Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin https://mswap.bbd.sh access-control-max-age 86400 content-length 0 date Fri, 05 Apr 2024 14:45:20 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H3	200	Inter-roman.var.90e8f61d.woff2 mswap.bbd.sh/static/media/	221 KB 221 KB	1144ms 1144ms	Font font/woff2	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/static/media/Inter-roman.var.90e8f61d.woff2 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549 Request headers Referer https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css Origin https://mswap.bbd.sh accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:22 GMT cf-cache-status MISS last-modified Mon, 02 Oct 2023 06:31:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "651a63d9-37334" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGlgAUmFHk6obQ593Biu0iLvTBtn3HshG7tyGL%2Bcre57ECp537MFKFKUye3VZIh%2BAeFwNd5aH7ldFOCBvoXqE3B%2BdJ%2FBdvoyyTqobyG%2B0geAP8mGQFXmyGLySL6L2WQ%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 86fa52479d7a9f63-AMS alt-svc h3=":443"; ma=86400 content-length 226100
GET		v_0_0_0.json www.coingecko.com/tokens_list/uniswap/defi_100/	0 0
GET H2	200	tokens.json Show response app.tryroll.com/	16 KB 5 KB	30ms 30ms	Fetch application/json	2606:4700::6812:b46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.tryroll.com/tokens.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:b46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status HIT server cloudflare age 0 x-powered-by Express etag W/"3eb6-OAFBN9tVPwSG2RQGpeS8ljaPHHo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers Authorization cache-control public, max-age=14400 cf-ray 86fa5247dc1c9fc4-AMS expires Fri, 05 Apr 2024 18:45:21 GMT
GET H2	200	compound.tokenlist.json Show response raw.githubusercontent.com/compound-finance/token-list/master/	25 KB 4 KB	55ms 55ms	Fetch text/plain	2606:50c0:8001::154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers x-fastly-request-id 61b7ecb359a8b875ff59b51177ace4aadf3a8275 content-security-policy default-src 'none'; style-src 'unsafe-inline'; sandbox strict-transport-security max-age=31536000 x-content-type-options nosniff date Fri, 05 Apr 2024 14:45:21 GMT content-encoding gzip via 1.1 varnish x-cache HIT x-cache-hits 1 cross-origin-resource-policy cross-origin content-length 3844 x-xss-protection 1; mode=block x-served-by cache-mad2200090-MAD x-github-request-id A75A:35B2D7:3333EB1:3566437:66100E7B x-timer S1712328321.276467,VS0,VE1 etag W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec" source-age 0 x-frame-options deny vary Authorization,Accept-Encoding,Origin content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes expires Fri, 05 Apr 2024 14:50:21 GMT
GET H3	200	defiprime.tokenlist.json Show response defiprime.com/	22 KB 5 KB	61ms 61ms	Fetch application/json	172.67.153.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://defiprime.com/defiprime.tokenlist.json Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:21 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-cache-status DYNAMIC etag W/"71eba62dd22bd63240f25b886b8a0026" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FFIPRzwY%2FZcQcwIFDQDUaZftMeNna5vSnbJuOFx9BVspY6wqEdacb0yHXWtKa33P8W3elcICHUU0UuuZ6GxD8AmgmK%2FgV8Lt5sUa25dyzAeWdNr0yKOGNVjc1xK0RQa"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 86fa5247dbe266bc-AMS alt-svc h3=":443"; ma=86400
GET		uma.tokenlist.json umaproject.org/	0 0
OPTIONS H2	200	099fc58e0de9451d80b18d7c74caa7c1 mainnet.infura.io/v3/	0 0	99ms 99ms	Preflight	54.88.7.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.88.7.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-88-7-149.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mswap.bbd.sh Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin https://mswap.bbd.sh access-control-max-age 86400 content-length 0 date Fri, 05 Apr 2024 14:45:21 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	403	099fc58e0de9451d80b18d7c74caa7c1 Show response mainnet.infura.io/v3/	90 B 261 B	101ms 100ms	Fetch text/plain	54.88.7.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Requested by Host: mswap.bbd.sh URL: https://mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.88.7.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-88-7-149.compute-1.amazonaws.com Software / Resource Hash 1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://mswap.bbd.sh/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 content-type application/json Response headers access-control-allow-origin https://mswap.bbd.sh date Fri, 05 Apr 2024 14:45:21 GMT x-content-type-options nosniff content-length 90 vary Origin, Accept-Encoding content-type text/plain; charset=utf-8
GET H3	200	favicon.png mswap.bbd.sh/	7 KB 7 KB	585ms 585ms	Other image/png	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mswap.bbd.sh/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64dbdcf0bf0488a0036b872f3fb9acb85c6354a661abeb54f57f85caf6400737 Request headers accept-language nl-NL,nl;q=0.9 Referer https://mswap.bbd.sh/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 05 Apr 2024 14:45:23 GMT cf-cache-status MISS last-modified Thu, 28 Sep 2023 09:51:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65154cac-1ba0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPCJ%2FpqwC8WJMrASjCkFEBozxnPO%2BwpahqX15e08jSg0dzKo7MYPcMRu3o0KGdNTt4MMZmYcUfwDbHyP%2Bwl15C1HFDLiv0fPwpu9R14Uk9U5VUoxdKQRNG5B3zue07o%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86fa52525cbe9f63-AMS alt-svc h3=":443"; ma=86400 content-length 7072

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.coingecko.com

URL

https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

Domain

umaproject.org

URL

https://umaproject.org/uma.tokenlist.json

Domain

www.coingecko.com

URL

https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

Domain

umaproject.org

URL

https://umaproject.org/uma.tokenlist.json

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp@uniswap/interface object| regeneratorRuntime function| setImmediate function| clearImmediate object| scCGSHMRCache string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bbd.sh/	1970-01-21 05:14:48	Name: _ga Value: GA1.2.557550335.1712328321
			.bbd.sh/	1970-01-20 19:40:14	Name: _gid Value: GA1.2.1155088323.1712328321

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://umaproject.org/uma.tokenlist.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://umaproject.org/uma.tokenlist.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mswap.bbd.sh/locales/en-US.json Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://umaproject.org/uma.tokenlist.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://umaproject.org/uma.tokenlist.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://mswap.bbd.sh/#/swap Message: Access to fetch at 'https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json' from origin 'https://mswap.bbd.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.tryroll.com
defiprime.com
mainnet.infura.io
mswap.bbd.sh
raw.githubusercontent.com
umaproject.org
www.coingecko.com
www.google-analytics.com
umaproject.org
www.coingecko.com
172.67.153.28
188.114.97.3
2606:4700::6812:b46
2606:50c0:8001::154
2a00:1450:4001:813::200e
2a06:98c1:3121::3
54.88.7.149
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
10174434dbe479c08b32ce3b42b70e7c6336647d29e4393483158d590d35c325
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6
2099b0c9285fc7b610857f891e252a08f6c0e273b1614a1d6e2f74cd7e08d1df
414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997
64dbdcf0bf0488a0036b872f3fb9acb85c6354a661abeb54f57f85caf6400737
64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075
7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430
9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169
a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad
b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549
bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c
cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc
d0c2be4e059bb158e7576b4f4ada95cc4ffc517bd427aa992535acbb5ab80cd2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd