narswap.com Open in urlscan Pro
2606:4700:3032::ac43:c14f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://narswap.com/
Effective URL:
https://narswap.com/
Submission: On December 29 via api (December 29th 2023, 12:21:34 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::ac43:c14f, located in United States and belongs to CLOUDFLARENET, US. The main domain is narswap.com.
TLS certificate: Issued by GTS CA 1P5 on December 29th 2023. Valid for: 3 months.

This is the only time narswap.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3032::ac43:c14f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
4	2606:4700:20:... 2606:4700:20::681a:182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	4

9 2606:4700:3032::ac43:c14f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

narswap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:182 (United States)

ASN13335 (CLOUDFLARENET, US)

testnet.lumio.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	narswap.com 1 redirects narswap.com	857 KB
4	lumio.io testnet.lumio.io	733 B
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4597	7 KB
14	3

	Domain	Requested by
9	narswap.com	1 redirects narswap.com
4	testnet.lumio.io	narswap.com
2	raw.githubusercontent.com	narswap.com
14	3

This site contains links to these domains. Also see Links.

Domain
explorer.testnet.lumio.io

Subject Issuer	Validity	Valid
narswap.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
testnet.lumio.io E1	`2023-12-13` - `2024-03-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://narswap.com/
Frame ID: FCE3F62F1277DAEDFB13C4DE480C446E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swap

Page URL History Show full URLs

http://narswap.com/ HTTP 308
https://narswap.com/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

865 kB
Transfer

2437 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://explorer.testnet.lumio.io/block/592628
Title: 592628

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://narswap.com/ HTTP 308
https://narswap.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
narswap.com/
Redirect Chain

http://narswap.com/
https://narswap.com/

769 B
859 B

48ms
26ms

Document
text/html

2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67eb1d173bb865267c476fe2df6c37e1fd99c49465e059d029eb7028070f8e4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83d200cb3db268eb-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 12:21:29 GMT
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRza9iSlfP5Bp2wOf5stL9PTLdj8fsBRdn4lZ05w7vVOuiNHFrl6x19VUk%2FoXW70WdcW4Q54Azqve%2BqvxDRuuFhEk2TKXtuwXOXpWMVe3xM6WVZehtJuqSWH8Eml6Q0yqjjmJ9LI6ma8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 83d200cadfc635eb-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 29 Dec 2023 12:21:29 GMT
Location: https://narswap.com
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKMNtQXak%2BoIk%2B%2Fp1kzttCiGBuIZkFAoIGQKD6EA0CIso8i%2FKkOzp2UIv88I0vTilCbOawcY9Z9fFURjmPuF%2BcpRQd3cg1YCqFnAYwVXlbjDcp5bTF45jxZK5SqLjcrxNEJV0Ofw7j210Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.549836b2.js Show response
narswap.com/static/js/ 2 MB
632 KB 43ms
42ms Script
application/javascript 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/static/js/main.549836b2.js
Requested by: Host: narswap.com
URL: https://narswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c76b4967b0a57ba6b6d81b404fdeb32371792bddf55a97502bd5011f4634c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://narswap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658eb7da-214de9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s52r7fVg0VXUDQIBxAdlfUU%2Fgo5WPrrtOkXmVS9DonBnIgo%2FLU9MPKiH1TF8UVdcu4%2BZEGthHfxtoBMhRhW7MQFgb9hGYP9hs9gpZdP%2BNXrkeXw2h1ljwAk62yrrSJ%2FhssFPdjIeVIeR4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83d200cb7dd268eb-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 12:21:29 GMT

GET
H2 200 main.e1df0bf8.css
narswap.com/static/css/ 5 KB
1 KB 129ms
129ms Stylesheet
text/css 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/static/css/main.e1df0bf8.css
Requested by: Host: narswap.com
URL: https://narswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b13ab58672ac7dc060ee29bb3bb5a90a95d6af13d8a41ae11255600a556c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://narswap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658eb7da-15a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15S2owR7oUZYFe9YneoSu8U7HeK0nepcuw4AM5%2FoAGuh1%2Fx2BKCd17TlsnHdMp15XAne6SnWqATTprSV4vc9S42fudQf27qN4i74KkeG5zFGXqIxVl12BS%2BOTqRgqDVSprvfVdu8opa4mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83d200cb6dcf68eb-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 12:21:29 GMT

GET
H3 200 en.json Show response
narswap.com/locales/ 4 KB
2 KB 34ms
34ms XHR
application/json 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/locales/en.json
Requested by: Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661

Request headers

Referer: https://narswap.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 29 Dec 2023 12:12:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658eb799-10e1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J7ULDrIVP36Car%2FguD1rXDsBFhivBM91U80%2BKzL2cDTuP5MqSqd%2FQCGMWr%2BYAwRqsnHV0UNcAER0BkKlKRECTuJciGE4000a47lYLDoyhlsDMS2Trqd8bz0Y1JLeuEBNpOEU75cJLh4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 83d200cd0ed19bc5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 en-US.json Show response
narswap.com/locales/ 769 B
838 B 20ms
20ms XHR
text/html 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/locales/en-US.json
Requested by: Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67eb1d173bb865267c476fe2df6c37e1fd99c49465e059d029eb7028070f8e4f

Request headers

Referer: https://narswap.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKPT2eRGXPp988RKGzTIKvSZym22ebksh6YpNFAjz2ficryfBCsK2PSZDHlEsiPT18LrHo3JhwxX2LW3tuGqkiqFisCqZ%2BlF9fsVJJRFk28um%2B%2BWqZ%2F83qkOJ%2F%2BMV5sPh6H7yeKmxS9XsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 83d200cd2eec9bc5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 compound-token-list.json Show response
raw.githubusercontent.com/zOthix/compound-list/main/ 23 KB
3 KB 204ms
181ms Fetch
text/plain 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/zOthix/compound-list/main/compound-token-list.json

Requested by

Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

959d91f53b4823f7f04c60a98254e98f1c558dda8aa11b6d4739ca62d5ec3402

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://narswap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 162178848a915562943a97a7c69ccd61117382f1
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
cross-origin-resource-policy: cross-origin
content-length: 3464
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230077-FRA
x-github-request-id: 65BE:20DD90:104E096:1117C08:658EB819
x-timer: S1703852490.817750,VS0,VE160
etag: W/"1d8b47110ee8c8edada1779ad5a0b011863972f180677bf7b3fef74b7b692a66"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 29 Dec 2023 12:26:29 GMT

GET
H3 200 logo.9c225bab5f05deb875ccf53568b51c94.svg
narswap.com/static/media/ 44 KB
18 KB 27ms
27ms Image
image/svg+xml 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://narswap.com/static/media/logo.9c225bab5f05deb875ccf53568b51c94.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 126421f7011f620794db54b2f2a5a38209002f752613f941c02578524e947955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://narswap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658eb7da-aeb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgEtzLWiUDJQeYFI4LBFtBNGv11R4mcbEbpoIJ4H612f7GGEr66IC5dvO5wRVZefzqsbRNYhfEM%2FHbsgJLnjh7r3xiqtP%2FS%2FLr%2B7DQcaCJJRIdTnLTGVn7Zj9jsziKctJN6kLp6tD5a2Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83d200cd4f299bc5-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Dec 2024 12:21:29 GMT

GET
H2 200 compound-token-list.json Show response
raw.githubusercontent.com/zOthix/compound-list/main/ 23 KB
4 KB 170ms
170ms Fetch
text/plain 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/zOthix/compound-list/main/compound-token-list.json

Requested by

Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

959d91f53b4823f7f04c60a98254e98f1c558dda8aa11b6d4739ca62d5ec3402

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://narswap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: bd4e55f66cd1c1cbdf7c1abe5f173a90731a13b6
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 29 Dec 2023 12:21:29 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
cross-origin-resource-policy: cross-origin
content-length: 3464
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230077-FRA
x-github-request-id: 65BE:20DD90:104E096:1117C08:658EB819
x-timer: S1703852490.817723,VS0,VE160
etag: W/"1d8b47110ee8c8edada1779ad5a0b011863972f180677bf7b3fef74b7b692a66"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 29 Dec 2023 12:26:29 GMT

GET
H3 200 Inter-Medium.293fd13dbca5a3e450ef.woff2
narswap.com/static/media/ 103 KB
104 KB 22ms
22ms Font
font/woff2 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/static/media/Inter-Medium.293fd13dbca5a3e450ef.woff2
Requested by: Host: narswap.com
URL: https://narswap.com/static/css/main.e1df0bf8.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer: https://narswap.com/static/css/main.e1df0bf8.css
Origin: https://narswap.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 105924
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
server: cloudflare
etag: "658eb7da-19dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7Ojlzy0II%2FukexfuvNP7lqYvvHXILoa29kj2G2BmIxTYsKUb2EWuKdWZ4teDUnmCyrWaGpegQHsmOpAUSGpoDeVPlMzKMvYOuJJwzBvPPgQsDm7K5doxcIdjhVwxwirDfh6whjNrsoiuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83d200cd7f589bc5-FRA
expires: Sat, 28 Dec 2024 12:21:29 GMT

GET
H3 200 Inter-Regular.c8ba52b05a9ef10f4758.woff2
narswap.com/static/media/ 97 KB
97 KB 40ms
40ms Font
font/woff2 2606:4700:3032::ac43:c14f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://narswap.com/static/media/Inter-Regular.c8ba52b05a9ef10f4758.woff2
Requested by: Host: narswap.com
URL: https://narswap.com/static/css/main.e1df0bf8.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c14f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://narswap.com/static/css/main.e1df0bf8.css
Origin: https://narswap.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 12:21:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 98868
last-modified: Fri, 29 Dec 2023 12:13:14 GMT
server: cloudflare
etag: "658eb7da-18234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikFLz9kYg0OcXXf7U1TVeREKAyHv%2F1HdZASZgBUi0w%2FDw3ZWxD4zHiiMYvJGG%2FC0QKy%2BIUb1y%2F6lrZ7RFW%2B8Bi7M1GTvX20coW%2FXQTu35SjpYi23nnc920IsZnf3lNr9R2zsPgRuBI8aUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83d200cd7f599bc5-FRA
expires: Sat, 28 Dec 2024 12:21:29 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
testnet.lumio.io/ 46 B
368 B 62ms
62ms Fetch
application/json 2606:4700:20::681a:182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://testnet.lumio.io/

Requested by

Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890ad2c7e0be1cfa70cff7ae69e7ddc1f8b254f383dd954665b43e1e3b3e51a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept: application/json
Referer: https://narswap.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Fri, 29 Dec 2023 12:21:30 GMT
strict-transport-security: max-age=15768000
x-proxyd-cache-status: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k9YyrnJe29QxpUo1dyfKduPgubTOOpb1UJ0v5LTutu40fNEshaPwET9corZw1PBdjMg4gBVyInDaKFkAKmSBtqKC0tys65aQitnYMahyXPg%2Bk2kO2%2Bn3eWZYrwv0gAjKleEjXyH7UtfkRY%2FvzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 83d200cedbf21ca3-FRA
content-length: 46

OPTIONS
H2 204 /
testnet.lumio.io/ 0
0 178ms
123ms Preflight 2606:4700:20::681a:182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://testnet.lumio.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://narswap.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83d200ce1b0d1ca3-FRA
date: Fri, 29 Dec 2023 12:21:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3boJs0PSXaPOGDlJbJ7plO1JAzqF7ijyBi%2F3UAWrZ8IGDHQ34npmW4cbOtdiEv9aJzd%2BWPAbGaEScjix%2FhCfcjWJLZtwPjaU9RoqckkhMH9e8SsWpnTsHsu1rs6%2BYi6QPgE4Ayoi9BoTBX3Rdo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 / Show response
testnet.lumio.io/ 425 B
365 B 56ms
56ms Fetch
application/json 2606:4700:20::681a:182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://testnet.lumio.io/

Requested by

Host: narswap.com
URL: https://narswap.com/static/js/main.549836b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb9015c800c5c7f723f6178e336e1fad87d46a3450a601bc7a2a590ddecbe13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept: application/json
Referer: https://narswap.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Fri, 29 Dec 2023 12:21:30 GMT
strict-transport-security: max-age=15768000
x-proxyd-cache-status: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xmeJDuB%2FLLlNTGwa2JRTXNiCFe7SGa3IxuPaE7m0zTKlVv%2BGPM9yzxKp5w2vyAxLxZmiDjQ8cudCWYg6rvVMGWqeMrN%2BlJVZEb5ZjX640QnmkpnVWkyCR6ED6bv2E5t8UEa8ytGtEQm9eq%2FlUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 83d200d09e261ca3-FRA

OPTIONS
H2 204 /
testnet.lumio.io/ 0
0 50ms
50ms Preflight 2606:4700:20::681a:182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://testnet.lumio.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://narswap.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83d200d04daa1ca3-FRA
date: Fri, 29 Dec 2023 12:21:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLw6rRt%2FGYdr3IEYrCy08dWAzr0f3zJN5%2BwyX%2BNa9596xSIOJZsrzZyrEtTiulpNR3Pj8IXst6UqF00B1Fsv2VjQWWDm%2BOUH5guJcP3JPrxvWjwd7jLfBQTgZCL12zy5QmDTCwREG6k%2FFZc6LIw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkname

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

narswap.com
raw.githubusercontent.com
testnet.lumio.io
2606:4700:20::681a:182
2606:4700:3032::ac43:c14f
2606:50c0:8001::154
08c76b4967b0a57ba6b6d81b404fdeb32371792bddf55a97502bd5011f4634c7
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
126421f7011f620794db54b2f2a5a38209002f752613f941c02578524e947955
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
67eb1d173bb865267c476fe2df6c37e1fd99c49465e059d029eb7028070f8e4f
890ad2c7e0be1cfa70cff7ae69e7ddc1f8b254f383dd954665b43e1e3b3e51a2
959d91f53b4823f7f04c60a98254e98f1c558dda8aa11b6d4739ca62d5ec3402
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
d3b13ab58672ac7dc060ee29bb3bb5a90a95d6af13d8a41ae11255600a556c0e
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
fb9015c800c5c7f723f6178e336e1fad87d46a3450a601bc7a2a590ddecbe13a

narswap.com Open in urlscan Pro 2606:4700:3032::ac43:c14f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

865 kBTransfer

2437 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

narswap.com Open in urlscan Pro
2606:4700:3032::ac43:c14f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

865 kB
Transfer

2437 kB
Size

0
Cookies

14 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!