Report - mswap.bbd.sh

Report Overview

Submitted URL
mswap.bbd.sh
IP
104.21.46.167
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 02:10:09
Access
public
Website Title
Uniswap Interface
Final URL
mswap.bbd.sh/#/swap
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-03-28	481 B	4.8 kB	185.199.110.133
umaproject.org	493298	2018-11-01	2019-07-08	2024-03-15	874 B	972 B	216.239.36.21
mainnet.infura.io	19321	2016-04-15	2016-08-23	2024-03-26	1.6 kB	1.0 kB	44.196.204.124
app.tryroll.com	305318	2017-12-17	2019-05-29	2024-03-22	424 B	5.6 kB	104.18.11.70
mswap.bbd.sh	unknown	2022-11-25	2023-10-03	2024-03-07	4.9 kB	2.0 MB	172.67.140.184
www.coingecko.com	46457	2014-03-26	2014-04-23	2024-03-13	916 B	1.0 kB	172.64.153.74
defiprime.com	62760	2019-04-14	2019-04-21	2024-03-11	874 B	47 kB	172.67.153.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet
2024-03-03	medium	mswap.bbd.sh/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	unknown	1.2 kB	2023-04-13	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 06:55:25 Last Seen2024-04-26 07:52:30 Times Seen601 Hash 8fa8e73c03ccc7442389e683956f520b 88bc476a7e72dbe8d1c8015c020743ed0db5b349 36f0055ed3688c8bde77f94d9b2cd3ea80a393087946c85541753447a2356ecf Loading...

	unknown	1.4 kB	2023-04-13	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 06:55:26 Last Seen2024-04-26 07:52:30 Times Seen605 Hash 3c6c44d510f1c570bc75408cd9d34acc 1f30e3eb128014facddd10367765a5b562741c17 4b3b599147e1ab82a96b220d5d1f1df37ec7babb04b707e58cbeaffc99506f16 Loading...

	unknown	12 kB	2023-04-15	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-15 21:11:49 Last Seen2024-04-18 02:03:30 Times Seen60 Hash 358d8e6b6b453cc99754ba3e0d69ce2f 07b3bea26cf417fa2d318a867af5aba2454541ec 5afac08b1bfde992030db3829defa401b1d49847c2b844de8b598d041d48fa6e Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 17:29:25 Times Seen342136 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	mswap.bbd.sh/	2.5 kB	2024-01-29	2024-04-18
Pretty URL mswap.bbd.sh/ IP 172.67.140.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-29 03:07:02 Last Seen2024-04-18 02:03:30 Times Seen11 Hash b4bd80a688db40a980929c2c1d754f4e f04b73777ee537947a7b4d7f73967b08a3ee8af0 ab872cff28e922dc2d693d7c8a965ad3da2d9d7b85f81f069fa42df86fa45854 Loading...

	mswap.bbd.sh/static/js/4.3a216566.chunk.js	1.5 MB	2024-01-29	2024-04-18
Pretty URL mswap.bbd.sh/static/js/4.3a216566.chunk.js IP 172.67.140.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-29 03:07:02 Last Seen2024-04-18 02:03:30 Times Seen14 Hash 16bec56392611b271c711626152aa6a0 5775755e1e25e405443f719e93e33a0b9ec538f1 cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc Loading...

	mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js	356 kB	2024-01-29	2024-04-18
Pretty URL mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js IP 172.67.140.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-29 03:07:02 Last Seen2024-04-18 02:03:30 Times Seen22 Hash 36800e6cbeed90900c91730f4b0ebbab 1658b2f497741268db0d8e5d41584e254bf1362b 9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169 Loading...

	unknown	31 kB	2023-04-06	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-06 22:00:16 Last Seen2024-04-26 07:52:30 Times Seen594 Hash 210b269f4defa2ec028e1f3101e8a8e9 33f126e12c70b65c9d881c535693be1234ad76c1 72a857efb2b1acae4d6c595d8524ed1161b0fd72f26d580ea765cbf6e9bf6627 Loading...

	unknown	22 kB	2023-04-15	2024-04-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-15 21:11:49 Last Seen2024-04-18 02:03:30 Times Seen55 Hash 2561bb6fd9b5b3c2049da2e79d7c5b01 01f2cb0da90400b649379d90c2d33aca463d63f7 35c54443c6dab555389468aab2d1a9cd29d18f21e6bde752d46b25cf8652bcb6 Loading...

	mswap.bbd.sh/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL mswap.bbd.sh/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 17:29:26 Times Seen342638 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (22)

URL IP Response Size

raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json

185.199.110.133

200 OK

3.8 kB

URL GET HTTP/2
raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json
IP
185.199.110.133:443
ASN
#54113 FASTLY

Requested by
https://mswap.bbd.sh/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
3.8 kB (3844 bytes)
Hash
4fc8ff11a1aacaa8d673690ce171efa6
fba1d5afc24cd1cfb1130919fcb76e6592ef8340
414648afaa14fe736635bd028b45a87bcb3ea8ba078fead51b5ef0f320b06997

HTTP Headers

GET /compound-finance/token-list/master/compound.tokenlist.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 8522:0DA9:3DAE389:4061096:660622EA
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 Mar 2024 02:09:46 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1711678187.835806,VS0,VE117
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 0c9b734ff7dfee1e283007e10e01c1099c56bd70
expires: Fri, 29 Mar 2024 02:14:46 GMT
source-age: 0
content-length: 3844
X-Firefox-Spdy: h2

umaproject.org/uma.tokenlist.json

216.239.36.21

301 Moved Permanently

230 B

URL GET HTTP/2
umaproject.org/uma.tokenlist.json
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectumaproject.org
FingerprintDB:7C:59:B9:33:E0:2F:B4:CA:17:EC:CA:4E:83:9E:01:6A:72:AB:29
ValiditySat, 10 Feb 2024 06:36:57 GMT - Fri, 10 May 2024 07:23:27 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
230 B (230 bytes)
Hash
0ac39fafd9ca4fb18228162703c82f8a
2a0a5b26161ca2d772ec81a425af005e4e54e953
8b20b04e39e5e30d3cb2cc6f49e84043945f02e022921855afabae5394f86b03

HTTP Headers

GET /uma.tokenlist.json HTTP/1.1
Host: umaproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: http://uma.xyz/uma.tokenlist.json
date: Fri, 29 Mar 2024 02:09:46 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 230
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

44.196.204.124

200 OK

0 B

URL OPTIONS HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
44.196.204.124:443
ASN
#14618 AMAZON-AES

Requested by
https://mswap.bbd.sh/
Certificate
IssuerAmazon
Subject*.infura.io
FingerprintB2:26:99:27:1E:F7:F1:16:75:FF:75:DA:E9:8A:5E:7A:F1:CD:CC:72
ValidityWed, 29 Nov 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:47 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://mswap.bbd.sh
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

app.tryroll.com/tokens.json

104.18.11.70

200 OK

5.1 kB

URL GET HTTP/2
app.tryroll.com/tokens.json
IP
104.18.11.70:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerCloudflare, Inc.
Subjecttryroll.com
Fingerprint11:DC:79:B2:33:2B:71:1F:B2:A8:D8:DE:69:51:AD:2A:A3:CC:5A:B5
ValiditySat, 27 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
5.1 kB (5070 bytes)
Hash
cc6bc35b0b2f888383254cd2fd110139
81560aebe60b63f9fc7371c6929852c4d3021324
13c8389e2adcb1210e842938c4885421cb1ea7ca26722e2c8771638b18c37f97

HTTP Headers

GET /tokens.json HTTP/1.1
Host: app.tryroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:47 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"3eb6-OAFBN9tVPwSG2RQGpeS8ljaPHHo"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: Authorization
cf-cache-status: MISS
expires: Fri, 29 Mar 2024 06:09:47 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51dbb9675685-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

mswap.bbd.sh/locales/en.json

172.67.140.184

200 OK

8.7 kB

URL GET HTTP/3
mswap.bbd.sh/locales/en.json
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
JSON text data
Size
8.7 kB (8713 bytes)
Hash
faaefda5a3e789ef96ee2608371aa0b9
223bd0ffcb92db7f17916800331ebb46cb2d9655
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /locales/en.json HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:47 GMT
content-type: application/json
last-modified: Thu, 28 Sep 2023 09:51:40 GMT
etag: W/"65154cac-10e1"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NIgkXzPEgjhA5PR%2F9X6Yk4Q%2BRqbv1%2Br11wACIktjiUkOhDovFgD3eXEDRxp6Xiy82w1iY%2BRqUpt%2FlfVVGy%2FXOmy7nIz00vYpcjoTRBRrGz%2Fce51UjhC8CmZvat2mM0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bc51db1e4456a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/static/media/Inter-roman.var.90e8f61d.woff2

172.67.140.184

200 OK

226 kB

URL GET HTTP/3
mswap.bbd.sh/static/media/Inter-roman.var.90e8f61d.woff2
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
Web Open Font Format (Version 2), TrueType, length 226100, version 1.0
Size
226 kB (226100 bytes)
Hash
90e8f61d26f65b5ff0acc45ddf6740ea
bed2bb6516b73ecd211de49b4c609729993544e5
b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/media/Inter-roman.var.90e8f61d.woff2 HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/static/css/4.f04942fe.chunk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: font/woff2
content-length: 226100
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: "651a63d9-37334"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCldVhhucanB0W7rbYLJXzbdiQjum8YoKgue9l2IEyDLUW7uhNXP%2BRqukHTXoeusLIPHpqowCapMATLQVSbQzCq5cjuE%2BJU9LY%2BaiCBlqC6WTrKh8Z2pMZVvvQdq3WM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51db1e4656a2-OSL
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/static/js/4.3a216566.chunk.js

172.67.140.184

200 OK

455 kB

URL GET HTTP/3
mswap.bbd.sh/static/js/4.3a216566.chunk.js
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
JavaScript source, ASCII text, with very long lines (65462)
Size
455 kB (454757 bytes)
Hash
16bec56392611b271c711626152aa6a0
5775755e1e25e405443f719e93e33a0b9ec538f1
cf47cb3417636580384fe35a484a1b183bcea3e56b74dbe0c1aa4860882224fc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/4.3a216566.chunk.js HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:45 GMT
content-type: application/javascript
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: W/"651a63d9-17a0bf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSVyT5pRWEgRgXpRYwgrw6Xm%2B%2FJblNzUkVOl9gTjtjJEASHzhM1%2B6KG0%2BEJt57fIxWSXrKQFex8yixlt6K47ioEJhwqY%2Br8p5YabV268vnneXIHx6fsBwSoVV1d0rH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51c91fdd56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

umaproject.org/uma.tokenlist.json

216.239.36.21

301 Moved Permanently

230 B

URL GET HTTP/2
umaproject.org/uma.tokenlist.json
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectumaproject.org
FingerprintDB:7C:59:B9:33:E0:2F:B4:CA:17:EC:CA:4E:83:9E:01:6A:72:AB:29
ValiditySat, 10 Feb 2024 06:36:57 GMT - Fri, 10 May 2024 07:23:27 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
230 B (230 bytes)
Hash
0ac39fafd9ca4fb18228162703c82f8a
2a0a5b26161ca2d772ec81a425af005e4e54e953
8b20b04e39e5e30d3cb2cc6f49e84043945f02e022921855afabae5394f86b03

HTTP Headers

GET /uma.tokenlist.json HTTP/1.1
Host: umaproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: http://uma.xyz/uma.tokenlist.json
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 230
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

44.196.204.124

200 OK

0 B

URL OPTIONS HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
44.196.204.124:443
ASN
#14618 AMAZON-AES

Requested by
https://mswap.bbd.sh/
Certificate
IssuerAmazon
Subject*.infura.io
FingerprintB2:26:99:27:1E:F7:F1:16:75:FF:75:DA:E9:8A:5E:7A:F1:CD:CC:72
ValidityWed, 29 Nov 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:49 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://mswap.bbd.sh
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

44.196.204.124

200 OK

90 B

URL OPTIONS HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
44.196.204.124:443
ASN
#14618 AMAZON-AES

Requested by
https://mswap.bbd.sh/
Certificate
IssuerAmazon
Subject*.infura.io
FingerprintB2:26:99:27:1E:F7:F1:16:75:FF:75:DA:E9:8A:5E:7A:F1:CD:CC:72
ValidityWed, 29 Nov 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
content-type: application/json
Content-Length: 2086
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
date: Fri, 29 Mar 2024 02:09:49 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://mswap.bbd.sh
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

mswap.bbd.sh/static/media/logo.5827780d.svg

172.67.140.184

200 OK

390 kB

URL GET HTTP/3
mswap.bbd.sh/static/media/logo.5827780d.svg
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
SVG Scalable Vector Graphics image
Size
390 kB (389649 bytes)
Hash
5827780d34d7c141d5e763fd7b596313
41ca30cbb42f457c7733896d2f71c073578bf833
a7c23707e191b848cf7636633fdc4a1f6782e950efc7f7e5d89f6876d93220ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/media/logo.5827780d.svg HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:47 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: W/"651a63d9-1b8c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MDc0OH8h0Wfnh6nS3n4UNNu%2B5sb5DLveQebkBMcN6Z2edo2Osw8pI3A475o%2FhA4HhhRUBfgEHSuVm0YV%2BYxlcVFL3MjWHQhmMb6VREAPJ7rgu1wIoK5gibmv6KjcrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51db0e3d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js

172.67.140.184

200 OK

356 kB

URL GET HTTP/3
mswap.bbd.sh/static/js/main.b8cbba3a.chunk.js
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
356 kB (356383 bytes)
Hash
36800e6cbeed90900c91730f4b0ebbab
1658b2f497741268db0d8e5d41584e254bf1362b
9714ebb32e37727cd1b10f4025b94f0d11d82bd489632e3f236d0425ad45f169

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/main.b8cbba3a.chunk.js HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:45 GMT
content-type: application/javascript
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: W/"651a63d9-5701f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJPuLH8IkTGv6IXHiS%2BwlHeJ51n6jDESDG32yuTNPk2%2F9bqeOTs5f1Qbv6qdYv%2Fqjfu0TBajyJypnf6pdmpr%2F9sGQXO%2B%2F%2FubUNHvrtN7Wwacl9MA0nsU8MkxApovLh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51c91fde56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/

172.67.140.184

200 OK

3.3 kB

URL User Request GET HTTP/2
mswap.bbd.sh/
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
HTML document, ASCII text, with very long lines (3379), with no line terminators
Size
3.3 kB (3268 bytes)
Hash
b8f39f46790707a3c6ffcbc8de429860
64540587cf0a9e11f81854d42361483f97a27326
4412afb1664b1c8633e785d8ff292943037d9eea5d39b1e1018cd216c495e018

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET / HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:43 GMT
content-type: text/html
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAQaWVsMXORmgewkTYtnPdYEBODU%2FatRq487gn%2BU6a78X%2FSZ3PRINGRZERDGRjhkhyImehD%2F4Ys4jnes76JwX9h1mZP4D7aM4oaw4hu4UOyiOoZglDA2JTz%2BgoZ8vpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bc51c47ae5b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mswap.bbd.sh/locales/en-US.json

172.67.140.184

404 Not Found

153 B

URL GET HTTP/3
mswap.bbd.sh/locales/en-US.json
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
HTML document, ASCII text, with no line terminators
Size
153 B (153 bytes)
Hash
2311107fc4a0cc05c1bf56cf25df6b90
f60e44c137b1c78e8b732aaf85e8d9efa0043140
518be356167fcc8b31e415bd6054a1214b010541c1f2a21d6839cb9bc95987b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /locales/en-US.json HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 02:09:47 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2B9TBXQcJ6ORl5IJedS%2BM7GekoI5mNvx%2FQzAyvns3HN4Yp6%2BtpcpO%2BV7NxsMW%2BcFgTtxxuHfqhxXN%2BpvZO4RnnP%2BZ1zCjLSHPyjCxFLErpG%2FSo%2BUF7Pv7ujmp%2FTbTgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bc51dbae8756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/images/512x512_App_Icon.png

172.67.140.184

200 OK

387 kB

URL GET HTTP/3
mswap.bbd.sh/images/512x512_App_Icon.png
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
387 kB (386611 bytes)
Hash
87e1ff3cd8b01195164e4a54807468a0
c00846cd185ce838814895d9db4e10cfa5339996
814824e1f29a34016526c9a1005799fafd1c0cfdd2a456e7485743a83b37b949

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/512x512_App_Icon.png HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: image/png
content-length: 386611
last-modified: Thu, 28 Sep 2023 09:47:59 GMT
etag: "65154bcf-5e633"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Gq9HijSllNOqfYyElJ3HXeqNc86xyZzo4mE8caRC3gWC17yo4R3nSOTYd8G1u9I0nlIRiEqYtEP1tchLuzGZgps3quApRMjgxcjxmOH%2BpW0zKPTAW3deyi%2B%2Fio5Png%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51e0e87556a2-OSL
alt-svc: h3=":443"; ma=86400

www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

172.64.153.74

301 Moved Permanently

0 B

URL GET HTTP/2
www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json
IP
172.64.153.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerCloudflare, Inc.
Subjectcoingecko.com
Fingerprint27:82:CE:D2:3E:83:83:84:63:99:B9:83:7A:9F:BA:71:13:C0:9A:D1
ValidityTue, 20 Jun 2023 00:00:00 GMT - Wed, 19 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tokens_list/uniswap/defi_100/v_0_0_0.json HTTP/1.1
Host: www.coingecko.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: text/html
location: https://www.coingecko.com/en/tokens_list/uniswap/defi_100/v_0_0_0.json
vary: Accept-Encoding
cache-control: no-cache
x-request-id: 89d031ed-7a46-4576-a5aa-716fb97f6e45
x-runtime: 0.001336
alternate-protocol: 443:npn-spdy/2
strict-transport-security: max-age=15724800; includeSubdomains
cf-cache-status: MISS
server: cloudflare
cf-ray: 86bc51e7cec1569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mswap.bbd.sh/static/media/wordmark.b75565ae.svg

172.67.140.184

200 OK

109 kB

URL GET HTTP/3
mswap.bbd.sh/static/media/wordmark.b75565ae.svg
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
SVG Scalable Vector Graphics image
Size
109 kB (109099 bytes)
Hash
b75565aead8e81b680926e35953d640e
4c3556f8c6fc2c91ea070852b6a09cff4cc37271
bd7a6976bd35ec63c5b4d7da9863689ad8dc088906b0a92015a79d20aa93dc6c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/media/wordmark.b75565ae.svg HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: W/"651a63d9-1aa2b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxA0yhB1KkasOMzUhZjh78KX%2BCjlcCRvRpJt2Msh08r7APRo1SwJvw2JCElB6A%2BdernHIneyRYrg%2F13EaIeJdTcV2odc7Frm5wms6xKawoX7oMc2ePB35RYSDZWXNJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51db0e3e56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json

172.64.153.74

301 Moved Permanently

0 B

URL GET HTTP/2
www.coingecko.com/tokens_list/uniswap/defi_100/v_0_0_0.json
IP
172.64.153.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerCloudflare, Inc.
Subjectcoingecko.com
Fingerprint27:82:CE:D2:3E:83:83:84:63:99:B9:83:7A:9F:BA:71:13:C0:9A:D1
ValidityTue, 20 Jun 2023 00:00:00 GMT - Wed, 19 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tokens_list/uniswap/defi_100/v_0_0_0.json HTTP/1.1
Host: www.coingecko.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 02:09:47 GMT
content-type: text/html
location: https://www.coingecko.com/en/tokens_list/uniswap/defi_100/v_0_0_0.json
vary: Accept-Encoding
cache-control: no-cache
x-request-id: e9d2d000-0700-4726-afb9-726874cbb70d
x-runtime: 0.001236
alternate-protocol: 443:npn-spdy/2
strict-transport-security: max-age=15724800; includeSubdomains
cf-cache-status: MISS
server: cloudflare
cf-ray: 86bc51dbaad9569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

defiprime.com/defiprime.tokenlist.json

172.67.153.28

200 OK

23 kB

URL GET HTTP/2
defiprime.com/defiprime.tokenlist.json
IP
172.67.153.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerLet's Encrypt
Subjectdefiprime.com
FingerprintCC:61:6E:BD:45:CC:86:7A:00:53:50:31:19:B2:C1:84:84:E1:B5:24
ValidityThu, 14 Mar 2024 10:53:37 GMT - Wed, 12 Jun 2024 10:53:36 GMT

File type
JSON text data
Size
23 kB (22689 bytes)
Hash
408c232c0fa624820a3e6399aa323abb
77849dd5c116a270b28bd8bc5edde71272db461c
64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075

HTTP Headers

GET /defiprime.tokenlist.json HTTP/1.1
Host: defiprime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"71eba62dd22bd63240f25b886b8a0026"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBALYCEmgkbtyrBQh0RrUrw%2F4T5eyXwEuLeEcmjWA4kr6CjIvIScZuoJ%2BSw5UDJHzvFB7CfHBF%2BkIk8Jfc%2F5jOvC3vKn4ihxUkr8VTKRV489gjkP4KFCv5aWvK4z2Ivf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86bc51e7d9ccb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mswap.bbd.sh/static/css/4.f04942fe.chunk.css

172.67.140.184

200 OK

5.3 kB

URL GET HTTP/3
mswap.bbd.sh/static/css/4.f04942fe.chunk.css
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
ASCII text, with very long lines (5466), with no line terminators
Size
5.3 kB (5331 bytes)
Hash
c34f60c47a0798760d80570d3c5c2dab
e45a917f3f46cd450dad1beb59dc7e574880eded
1860d3211952599fda855fe0f7d0c2d8b1fdcb18b0fa0a161ad0cc3fb06e191d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/css/4.f04942fe.chunk.css HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:44 GMT
content-type: text/css
last-modified: Mon, 02 Oct 2023 06:31:53 GMT
etag: W/"651a63d9-14d3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JUp25DrZebvml70Z43OEnGp15cLKzoZWNuEVFIlSlOpN%2FXgFtmKtiKs6zEcVOVRI1s3LUSgA9stE65I3bBwTDbjDghaYDcJXaNoPCGf3uJg5ZLngJqCPbd1fbHOLvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51c91fdc56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mswap.bbd.sh/favicon.png

172.67.140.184

200 OK

7.1 kB

URL GET HTTP/3
mswap.bbd.sh/favicon.png
IP
172.67.140.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerGoogle Trust Services LLC
Subjectbbd.sh
Fingerprint91:84:2E:37:B4:C1:CC:9B:2A:C8:C7:20:F4:E8:0F:3A:03:F9:24:00
ValidityFri, 15 Mar 2024 03:34:08 GMT - Thu, 13 Jun 2024 03:34:07 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7072 bytes)
Hash
2ccbf46af251bb847fd0b44e6a1f7d12
16104f9812f9c1b2e4202b6d1d9b5653c41a81c9
64dbdcf0bf0488a0036b872f3fb9acb85c6354a661abeb54f57f85caf6400737

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /favicon.png HTTP/1.1
Host: mswap.bbd.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mswap.bbd.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 02:09:48 GMT
content-type: image/png
content-length: 7072
last-modified: Thu, 28 Sep 2023 09:51:40 GMT
etag: "65154cac-1ba0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5Zt99NLuW%2BJhP3vkH9MlY79bH7%2FWmg8%2FcfmfPta%2Fq3sScCPfIGEO8Qwoop9CnycCSRccvzxINnsuHEKAFxrQocxeMHVppTV2IAYDBIJiHQgesOKAIhEFMZ6c0vXOc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bc51e0e87756a2-OSL
alt-svc: h3=":443"; ma=86400

defiprime.com/defiprime.tokenlist.json

172.67.153.28

200 OK

23 kB

URL GET HTTP/2
defiprime.com/defiprime.tokenlist.json
IP
172.67.153.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mswap.bbd.sh/
Certificate
IssuerLet's Encrypt
Subjectdefiprime.com
FingerprintCC:61:6E:BD:45:CC:86:7A:00:53:50:31:19:B2:C1:84:84:E1:B5:24
ValidityThu, 14 Mar 2024 10:53:37 GMT - Wed, 12 Jun 2024 10:53:36 GMT

File type
JSON text data
Size
23 kB (22689 bytes)
Hash
408c232c0fa624820a3e6399aa323abb
77849dd5c116a270b28bd8bc5edde71272db461c
64efcbf0bcf051f7c50b131d27f6aeeb25df502a3d07d11acc4f4259f6e01075

HTTP Headers

GET /defiprime.tokenlist.json HTTP/1.1
Host: defiprime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mswap.bbd.sh/
Origin: https://mswap.bbd.sh
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 02:09:46 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"71eba62dd22bd63240f25b886b8a0026"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhWTUttv9BXQTZr7wUnZxrAb9Dm89F1m9%2Fea2UQhOA9bfu2KksbVmAtPq9b8EyvHCDuZ1rRHC3DYPEfbheLqAjVy48sPUNTo4myuo0%2BgJBjFxGJNgCI7CErf3Ve1lfvS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86bc51dbfdcdb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations