narswap.com
2606:4700:3032::ac43:c14f
Malicious Activity!
Public Scan
Effective URL: https://narswap.com/
Submission: On December 29 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 29th 2023. Valid for: 3 months.
This is the only time narswap.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
9 (1 redirect) | 2606:4700:3032::ac43:c14f | 13335 (CLOUDFLARENET) |
2 | 2606:50c0:8001::154 | 54113 (FASTLY) |
4 | 2606:4700:20::681a:182 | 13335 (CLOUDFLARENET) |
14 | 4 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 (1 redirect) | narswap.com | narswap.com | 857 KB |
4 | lumio.io | testnet.lumio.io | 733 B |
2 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4597) | 7 KB |
14 | 3 |
Requests | Domain | Requested by |
---|---|---|
9 (1 redirect) | narswap.com | narswap.com |
4 | testnet.lumio.io | narswap.com |
2 | raw.githubusercontent.com | narswap.com |
14 | 3 |
This site contains links to these domains.
Domain |
---|
explorer.testnet.lumio.io |
Subject | Issuer | Validity | Valid |
---|---|---|---|
narswap.com | GTS CA 1P5 | 2023-12-29 - 2024-03-28 | 3 months |
*.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year |
testnet.lumio.io | E1 | 2023-12-13 - 2024-03-12 | 3 months |
This page contains 1 frames:
Primary Page:
https://narswap.com/
Frame ID: FCE3F62F1277DAEDFB13C4DE480C446E
Requests: 13 HTTP requests in this frame
Page Title
Swap
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 592628
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
http://narswap.com/ (HTTP 308)
https://narswap.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | narswap.com/ | 769 B | 859 B | Document | text/html |
GET | H2 | main.549836b2.js | narswap.com/static/js/ | 2 MB | 632 KB | Script | application/javascript |
GET | H2 | main.e1df0bf8.css | narswap.com/static/css/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H3 | en.json | narswap.com/locales/ | 4 KB | 2 KB | XHR | application/json |
GET | H3 | en-US.json | narswap.com/locales/ | 769 B | 838 B | XHR | text/html |
GET | H2 | compound-token-list.json | raw.githubusercontent.com/zOthix/compound-list/main/ | 23 KB | 3 KB | Fetch | text/plain |
GET | H3 | logo.9c225bab5f05deb875ccf53568b51c94.svg | narswap.com/static/media/ | 44 KB | 18 KB | Image | image/svg+xml |
GET | H2 | compound-token-list.json | raw.githubusercontent.com/zOthix/compound-list/main/ | 23 KB | 4 KB | Fetch | text/plain |
GET | H3 | Inter-Medium.293fd13dbca5a3e450ef.woff2 | narswap.com/static/media/ | 103 KB | 104 KB | Font | font/woff2 |
GET | H3 | Inter-Regular.c8ba52b05a9ef10f4758.woff2 | narswap.com/static/media/ | 97 KB | 97 KB | Font | font/woff2 |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
POST | H2 | / | testnet.lumio.io/ | 46 B | 368 B | Fetch | application/json |
OPTIONS | H2 | / | testnet.lumio.io/ | 0 | 0 | Preflight | |
POST | H2 | / | testnet.lumio.io/ | 425 B | 365 B | Fetch | application/json |
OPTIONS | H2 | / | testnet.lumio.io/ | 0 | 0 | Preflight | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
object| webpackChunkname
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
narswap.com
raw.githubusercontent.com
testnet.lumio.io
2606:4700:20::681a:182
2606:4700:3032::ac43:c14f
2606:50c0:8001::154