app.arc.market Open in urlscan Pro
76.76.21.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.arc.market/
Effective URL:
https://app.arc.market/
Submission: On March 24 via api (March 24th 2023, 9:03:25 am UTC) from FI — Scanned from FI

Summary HTTP 35 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 35 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is app.arc.market.
TLS certificate: Issued by R3 on February 22nd 2023. Valid for: 3 months.

This is the only time app.arc.market was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 12	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.205.30.39 52.205.30.39	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:236... 2600:9000:236e:5c00:f:b5a:f80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	11

12 76.76.21.21 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

app.arc.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)

vercel.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:acf (United States)

ASN13335 (CLOUDFLARENET, US)

lunarcrush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.205.30.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-30-39.compute-1.amazonaws.com

api.arc.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:236e:5c00:f:b5a:f80:21 (United States)

ASN16509 (AMAZON-02, US)

d101uh3ctozg3i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)

tokens.1inch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	arc.market 1 redirects app.arc.market api.arc.market	3 MB
4	lunarcrush.com lunarcrush.com	86 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2368	323 B
3	cloudfront.net d101uh3ctozg3i.cloudfront.net	2 KB
2	vercel.live vercel.live — Cisco Umbrella Rank: 127711	38 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	158 KB
1	1inch.io tokens.1inch.io — Cisco Umbrella Rank: 772404	3 KB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 424	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
35	9

	Domain	Requested by
12	app.arc.market	1 redirects app.arc.market vercel.live
5	api.arc.market	app.arc.market
4	lunarcrush.com	app.arc.market
4	region1.google-analytics.com	www.googletagmanager.com
3	d101uh3ctozg3i.cloudfront.net	app.arc.market
2	vercel.live	app.arc.market
2	www.googletagmanager.com	app.arc.market www.googletagmanager.com
1	tokens.1inch.io	app.arc.market
1	play-lh.googleusercontent.com	app.arc.market
1	fonts.googleapis.com	app.arc.market
35	10

This site contains links to these domains. Also see Links.

Domain
arc.market

Subject Issuer	Validity	Valid
app.arc.market R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.vercel.live R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
www.lunarcrush.com E1	`2023-02-20` - `2023-05-21`	3 months	crt.sh
api.arc.market Amazon RSA 2048 M01	`2023-03-14` - `2024-04-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.arc.market/
Frame ID: C7D6CC635D5EBBDC93A2D9412AB7851D
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ARC | All of Crypto in just 3 clicks

Page URL History Show full URLs

http://app.arc.market/ HTTP 308
https://app.arc.market/ Page URL

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

35
Requests

97 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

2976 kB
Transfer

10866 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://arc.market/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.arc.market/ HTTP 308
https://app.arc.market/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.arc.market/
Redirect Chain

http://app.arc.market/
https://app.arc.market/

4 KB
2 KB

271ms
167ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fef78445f5897bf8b81095305573147350ca35bb0e6d52c147d4477b59082f12

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
age: 939171
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7acdbd7a63db2d7d-ARN
content-disposition: inline
content-encoding: br
content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
content-type: text/html; charset=utf-8
date: Fri, 24 Mar 2023 09:03:18 GMT
etag: W/"1c3d136b8608b643810a81e04bfab092"
permissions-policy: geolocation=(self), microphone=()
referrer-policy: strict-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
x-vercel-cache: HIT
x-vercel-id: arn1:arn1:arn1:arn1::s9htj-1679648598129-63620df46f6d
x-xss-protection: 1; mode=block

Redirect headers

Content-Type: text/plain
Location: https://app.arc.market/
Refresh: 0;url=https://app.arc.market/
server: Vercel

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 237ms
83ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500&display=swap

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13924289edf21ada5479d8d827678783dd88ab74bc87aae70d784a6e4fa6618f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 09:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 09:03:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 09:03:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 253ms
100ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CC4MCJ6MMG

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b163ee49e4a5ed0eb4ced5f9b0143bfc50a3d00da442c6565f26cc68e6649191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 09:03:18 GMT

GET
H2 200 2.849a7a81.chunk.css
app.arc.market/static/css/ 2 KB
659 B 138ms
137ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/static/css/2.849a7a81.chunk.css

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d2a3fc9f5e7c469727491261130669835d0a2a62eb2c60ca371031ce3da6c6ad

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
content-encoding: br
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 09:03:18 GMT
strict-transport-security: max-age=63072000
age: 943327
content-disposition: inline; filename="2.849a7a81.chunk.css"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::jm4fv-1679648598303-428b796c068c
etag: W/"329bd7b66f6112ba2a160c4eb1970054"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()

GET
H2 200 main.ac34f1da.chunk.css
app.arc.market/static/css/ 710 KB
99 KB 55ms
54ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/static/css/main.ac34f1da.chunk.css

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fd1d003cbeb108930e060dcb3c780447c9b0b92002cbdf5bc1c958015b91eacd

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
content-encoding: br
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 09:03:18 GMT
strict-transport-security: max-age=63072000
age: 943327
content-disposition: inline; filename="main.ac34f1da.chunk.css"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::s9htj-1679648598303-903be9cb6785
etag: W/"08ec86b515fd704f8d8c9282d4879659"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()

GET
H2 200 2.989c89dd.chunk.js Show response
app.arc.market/static/js/ 8 MB
2 MB 63ms
62ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/static/js/2.989c89dd.chunk.js

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ac938edbd57363d05a42d629b8169c5012b1c4547cf90b5af48a55a8648727ea

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
content-encoding: br
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 09:03:18 GMT
strict-transport-security: max-age=63072000
age: 943326
content-disposition: inline; filename="2.989c89dd.chunk.js"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::r7f4h-1679648598303-6b7da184b95b
etag: W/"68ada91e63078b918f5fd20b5a6f2729"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()

GET
H2 200 main.b6a9efe4.chunk.js Show response
app.arc.market/static/js/ 466 KB
130 KB 56ms
55ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/static/js/main.b6a9efe4.chunk.js

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9259aaa9e17627f8e368a62ad6ca4372e7b63de12978587d98a889d67c987f02

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
content-encoding: br
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 09:03:18 GMT
strict-transport-security: max-age=63072000
age: 934476
content-disposition: inline; filename="main.b6a9efe4.chunk.js"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::cg426-1679648598303-72147e1aa7a9
etag: W/"2fa7e2b0a33789e91c886a0bda16658e"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()

GET
H2 200 feedback.js Show response
vercel.live/_next-live/feedback/ 56 KB
19 KB 181ms
67ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vercel.live/_next-live/feedback/feedback.js

Requested by

Host: app.arc.market
URL: https://app.arc.market/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4b38267ff0e262d4858e47dcca762ba8c0a3c77563dabe87eecf0211992f5065

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:18 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1:arn1::f69fx-1679648598654-5aecc10d63f1
age: 114865
x-matched-path: /_next-live/feedback/feedback.js
etag: W/"8cc6b5c636c449892503b59100ef9166"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60,stale-while-revalidate=600
content-disposition: inline; filename="feedback.js"
x-robots-tag: noindex

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L67489R3LS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CC4MCJ6MMG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de8637398766ce113deae5d89f10686455b8e6b3151864d832027a6b017e55b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 09:03:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 147ms
56ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CC4MCJ6MMG&gtm=45je33m0&_p=30142303&cid=1124915910.1679648599&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679648598&sct=1&seg=0&dl=https%3A%2F%2Fapp.arc.market%2F&dt=ARC%20%7C%20All%20of%20Crypto%20in%20just%203%20clicks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CC4MCJ6MMG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:03:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.arc.market
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L67489R3LS&gtm=45je33m0&_p=30142303&cid=1124915910.1679648599&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679648598&sct=1&seg=0&dl=https%3A%2F%2Fapp.arc.market%2F&dt=ARC%20%7C%20All%20of%20Crypto%20in%20just%203%20clicks&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L67489R3LS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:03:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.arc.market
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 list
lunarcrush.com/api3/coins/ 0
0 163ms
60ms Preflight 2606:4700:10::6816:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunarcrush.com/api3/coins/list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.arc.market
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cf-ray: 7acdbd888a42d94f-HEL
content-length: 0
date: Fri, 24 Mar 2023 09:03:20 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 fng Show response
api.arc.market/ws/v2/ 165 B
986 B 613ms
257ms XHR
application/json 52.205.30.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.arc.market/ws/v2/fng

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.30.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-30-39.compute-1.amazonaws.com

Software

Resource Hash

70a56351c2754ddc0e930ee2fdd837d6c184494a508301124b8ec0e85f2c9d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-40d46fd420d34420333d53e2040d0122';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-9aea6798e336a17af3e25c1e5b5abe71';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-40d46fd420d34420333d53e2040d0122';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-9aea6798e336a17af3e25c1e5b5abe71';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 165
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
x-ratelimit-remaining: 4995
access-control-allow-credentials: true
x-ratelimit-reset: 10
x-ratelimit-limit: 5000

GET
H2 200 bg-dark.7ddea6a7.png
app.arc.market/static/media/ 347 KB
347 KB 55ms
55ms Image
image/png 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.arc.market/static/media/bg-dark.7ddea6a7.png

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/css/main.ac34f1da.chunk.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8a62791425b05b88de1382e2d5ccc9c20c0d80c7c846618ff2cb6c91838c6d6

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 943324
content-disposition: inline; filename="bg-dark.7ddea6a7.png"
content-length: 355182
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::fs7h4-1679648600292-90ae4bfd860c
etag: "abf0c0aa2a5d04a4767c5ca9945cb5d8"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()
accept-ranges: bytes

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Show response
d101uh3ctozg3i.cloudfront.net/cmc/ETH/ 3 KB
1 KB 241ms
71ms XHR
application/json 2600:9000:236e:5c00:f:b5a:f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d101uh3ctozg3i.cloudfront.net/cmc/ETH/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Requested by: Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5c00:f:b5a:f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: dd0c0a7ea1b5619be3a58ff65abfe13d6982230cc53a6687c8aca93594d61765

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:54:31 GMT
content-encoding: br
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 7728
x-powered-by: Express
etag: W/"d0c-/uhV914Xle8CDxByL2m7DkITfYg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: qnje0zii9cGxKdhtgoqw3_uWinqbRgxNlvH4AhCMMyvn7rcLPAEKCQ==

GET
H2 200 ETH Show response
d101uh3ctozg3i.cloudfront.net/scr/ 3 B
334 B 243ms
73ms XHR
text/html 2600:9000:236e:5c00:f:b5a:f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d101uh3ctozg3i.cloudfront.net/scr/ETH
Requested by: Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5c00:f:b5a:f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e2f79e5b60330bba4c289962231b6ba2957d0b14e7deb3110417003c79dea635

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:45:35 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 80265
x-powered-by: Express
etag: W/"3-CNLpjmdUr5QUhISJMMy63f7+E9Y"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-length: 3
x-amz-cf-id: NC9BstuYqi2ENnu3gPcHnbre11GWtw9Ltfx_oE-J9Ff-XMA-y71m2g==

GET
H2 200 list Show response
lunarcrush.com/api3/coins/ 419 KB
85 KB 1244ms
1244ms XHR
application/json 2606:4700:10::6816:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunarcrush.com/api3/coins/list
Requested by: Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4cff201c8b7f3f7089e88bf955f9d64921c983dc985824b46031a1224853d5

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer ghazgmkfvy4efzbs2vui3eq2sle8ea4wbrzl8nj9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-lunar-endpoint: /coins/list
cache-control: public, max-age:300, s-max-age:360, stale-while-revalidate=360
x-lunar-age: 146
cf-ray: 7acdbd88eb1cd94f-HEL

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Show response
api.arc.market/ws/v2/tokenPrice/ETH/ 48 B
868 B 745ms
429ms XHR
application/json 52.205.30.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.arc.market/ws/v2/tokenPrice/ETH/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.30.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-30-39.compute-1.amazonaws.com

Software

Resource Hash

0448f76a486454a7b71d3a79b6886b18df62c84d6bfb77022df40e7f62e77788

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-5966d39874199b804d812b9868a4b5de';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-c189780c99fc2e0213fbedaa344d3a0f';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-5966d39874199b804d812b9868a4b5de';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-c189780c99fc2e0213fbedaa344d3a0f';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 48
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
x-ratelimit-remaining: 4995
access-control-allow-credentials: true
x-ratelimit-reset: 10
x-ratelimit-limit: 5000

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Show response
api.arc.market/ws/v2/tokenPrice/ETH/ 46 B
866 B 746ms
431ms XHR
application/json 52.205.30.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.arc.market/ws/v2/tokenPrice/ETH/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.30.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-30-39.compute-1.amazonaws.com

Software

Resource Hash

56885d00e8b7e140a27c32454a7b8a392b37486e4bf1f062010594de0550a012

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-e8391b0320a6b0b975d43b6f9131ab92';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-c65c891cf23140d1c15c2642d0dbfbff';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-e8391b0320a6b0b975d43b6f9131ab92';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-c65c891cf23140d1c15c2642d0dbfbff';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 46
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
x-ratelimit-remaining: 4996
access-control-allow-credentials: true
x-ratelimit-reset: 25
x-ratelimit-limit: 5000

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PjoJoG27miSglVBXoXrxBSLveV6e3EeBPpNY55aiUUBM9Q1RCETKCOqdOkX2ZydqVf0
play-lh.googleusercontent.com/ 42 KB
43 KB 241ms
80ms Image
image/jpeg 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/PjoJoG27miSglVBXoXrxBSLveV6e3EeBPpNY55aiUUBM9Q1RCETKCOqdOkX2ZydqVf0

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

39d78fc2e8f26aca8d00da924af93d30133d1f871bfa03a1b8a1dd9fc6a94ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:57:20 GMT
x-content-type-options: nosniff
age: 7560
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43441
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 24 Mar 2023 18:16:03 GMT

GET
H2 200 arc-logo.dc6e3809.png
app.arc.market/static/media/ 33 KB
33 KB 159ms
158ms Image
image/png 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.arc.market/static/media/arc-logo.dc6e3809.png

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0b789cf651d97abe836e702ca143b170bb2b99b706917e658e9b07b2daf82c79

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 943325
content-disposition: inline; filename="arc-logo.dc6e3809.png"
content-length: 33294
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::r7f4h-1679648600315-f7264c95e0c5
etag: "4d13e00362571afa4e0cedd872340ba0"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()
accept-ranges: bytes

GET
H2 200 moon.a884b254.svg
app.arc.market/static/media/ 767 B
907 B 200ms
198ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.arc.market/static/media/moon.a884b254.svg

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b54056ad62fa35f6e8a235cf53e2a0e82995249b6b16865eac7deaef339bd118

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 943325
content-disposition: inline; filename="moon.a884b254.svg"
content-length: 767
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::vgxj2-1679648600315-06b748e7f697
etag: "043ef0fffbd6bedd32830695ed88ec8b"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()
accept-ranges: bytes

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.png
tokens.1inch.io/ 3 KB
3 KB 155ms
55ms Image
image/webp 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tokens.1inch.io/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.png
Requested by: Host: app.arc.market
URL: https://app.arc.market/swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0261e0a326a201b70636815b8d1712153416088e2e3428c7b9f7493be15b2a42

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
cf-cache-status: HIT
age: 346
cf-polished: origFmt=png, origSize=7382
x-powered-by: Express
x-envoy-upstream-service-time: 6
content-disposition: inline; filename="0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.webp"
content-length: 2910
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Mar 2023 19:50:32 GMT
server: cloudflare
etag: W/"1cd6-1870adf7f40"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
cf-ray: 7acdbd88986f376c-HEL

GET
H2 200 chevron-down.65679449.svg
app.arc.market/static/media/ 217 B
374 B 198ms
198ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.arc.market/static/media/chevron-down.65679449.svg

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

51daddf4e03b50a523824385778f2ae26204963191a95b61917f9a048753309c

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 943325
content-disposition: inline; filename="chevron-down.65679449.svg"
content-length: 217
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::fs7h4-1679648600315-ffd2740acf09
etag: "28cdc747bf521dcd7077877fc556a9a9"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()
accept-ranges: bytes

GET
H2 200 refresh-icon.ee8e281a.svg
app.arc.market/static/media/ 755 B
984 B 200ms
200ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.arc.market/static/media/refresh-icon.ee8e281a.svg

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8c302782cd2e0dbf9da594f466553b16856fbc8723828111ab95d9ca55892608

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 943325
content-disposition: inline; filename="refresh-icon.ee8e281a.svg"
content-length: 755
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: arn1:arn1::6tsbt-1679648600350-e8ba3835a63c
etag: "e7229ae336618fa0ed1da940de322077"
x-vercel-cache: HIT
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
permissions-policy: geolocation=(self), microphone=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a1adef5a98638c3550e21993b3ee78504854e1bcf854bea656bf22c3af5490d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 939c0c679c0c6a6915ffdaed007fd767960f6d0cf9b38136e834ce1e93bbe807

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 322a04b6a58b1d7b8079c08af35190067979ffaf13cd12d2e8137b252e0a76e7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4602c08be5cb9a108f62c4e920b68472db9baf98022db0be7be1dbc3afaaeca

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK bf674eb7-fbb2-4f91-a95d-b7cb8595e580
https://app.arc.market/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.arc.market/bf674eb7-fbb2-4f91-a95d-b7cb8595e580
Requested by: Host: app.arc.market
URL: https://app.arc.market/swap
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab94f75dd2b5efc5e3b0b9dc17e3f92a8fd66ae66bb1d0a6918778ddefcf6322

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 1674
Content-Type: application/javascript

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Show response
api.arc.market/ws/v2/tokenPrice/ETH/ 46 B
866 B 729ms
433ms XHR
application/json 52.205.30.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.arc.market/ws/v2/tokenPrice/ETH/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.30.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-30-39.compute-1.amazonaws.com

Software

Resource Hash

56885d00e8b7e140a27c32454a7b8a392b37486e4bf1f062010594de0550a012

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-3421463a7e8ab94ea5b62dead089f440';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-b71e3d76dafa33146f2688b44285a14c';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-3421463a7e8ab94ea5b62dead089f440';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-b71e3d76dafa33146f2688b44285a14c';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 46
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
x-ratelimit-remaining: 4996
access-control-allow-credentials: true
x-ratelimit-reset: 24
x-ratelimit-limit: 5000

GET
H2 200 feedback.js
vercel.live/_next-live/feedback/ 56 KB
19 KB 317ms
316ms Other
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vercel.live/_next-live/feedback/feedback.js

Requested by

Host: app.arc.market
URL: https://app.arc.market/swap

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4b38267ff0e262d4858e47dcca762ba8c0a3c77563dabe87eecf0211992f5065

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1:arn1::vtwpv-1679648600450-f728e384f432
age: 123753
x-matched-path: /_next-live/feedback/feedback.js
etag: W/"8cc6b5c636c449892503b59100ef9166"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60,stale-while-revalidate=600
content-disposition: inline; filename="feedback.js"
x-robots-tag: noindex

OPTIONS
H2 204 /
app.arc.market/ 0
0 180ms
179ms Fetch 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.arc.market/

Requested by

Host: vercel.live
URL: https://vercel.live/_next-live/feedback/feedback.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app.arc.market/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
date: Fri, 24 Mar 2023 09:03:20 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::p9dsg-1679648600335-7c5fd49dd6f2
x-content-type-options: nosniff
x-vercel-cache: BYPASS
x-frame-options: DENY
access-control-allow-methods: OPTIONS, GET, HEAD
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
permissions-policy: geolocation=(self), microphone=()
content-disposition: inline
x-xss-protection: 1; mode=block

GET
H2 200 global Show response
d101uh3ctozg3i.cloudfront.net/cmc/ 2 KB
902 B 70ms
70ms XHR
application/json 2600:9000:236e:5c00:f:b5a:f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d101uh3ctozg3i.cloudfront.net/cmc/global
Requested by: Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5c00:f:b5a:f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 09718aa0dcf97f6cc0e2f82ce5b7da7d0b53ef20c99009b287894757b60f7ebc

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 05:59:44 GMT
content-encoding: br
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 11016
x-powered-by: Express
etag: W/"7a0-lEj4Wbg6ujKh2+LtJX4K41PA5uQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: hS4Z4XW4VHPxq4s1iD2e74RW5RR3OJqIubuMkrg9eRfHvfvc0MCuuQ==

GET
H2 200 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Show response
api.arc.market/ws/v2/tokenPrice/ETH/ 48 B
866 B 421ms
421ms XHR
application/json 52.205.30.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.arc.market/ws/v2/tokenPrice/ETH/0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Requested by

Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.30.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-30-39.compute-1.amazonaws.com

Software

Resource Hash

0448f76a486454a7b71d3a79b6886b18df62c84d6bfb77022df40e7f62e77788

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-df58c4784c7c06edb4c27e56eabb72c2';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-bcf9c586aae8332a47adcda11b921ab1';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:21 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self' 'nonce-df58c4784c7c06edb4c27e56eabb72c2';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' 'nonce-bcf9c586aae8332a47adcda11b921ab1';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 48
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
x-ratelimit-remaining: 4995
access-control-allow-credentials: true
x-ratelimit-reset: 9
x-ratelimit-limit: 5000

OPTIONS
H2 200 2
lunarcrush.com/api3/coins/ 0
0 69ms
69ms Preflight 2606:4700:10::6816:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunarcrush.com/api3/coins/2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.arc.market
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cf-ray: 7acdbd936ad6d94f-HEL
content-length: 0
date: Fri, 24 Mar 2023 09:03:22 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 402 2 Show response
lunarcrush.com/api3/coins/ 106 B
238 B 1003ms
1002ms XHR
application/json 2606:4700:10::6816:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lunarcrush.com/api3/coins/2
Requested by: Host: app.arc.market
URL: https://app.arc.market/static/js/2.989c89dd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8773b7aa1590bcb9ca6151454479814a6606f120c733d7bdaefcb0687a8cfaa

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
Authorization: Bearer ghazgmkfvy4efzbs2vui3eq2sle8ea4wbrzl8nj9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 09:03:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-lunar-endpoint
cache-control: public, max-age:60, s-max-age:120, stale-while-revalidate=120
x-lunar-age: 0
cf-ray: 7acdbd93dbc7d94f-HEL

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CC4MCJ6MMG&gtm=45je33m0&_p=30142303&cid=1124915910.1679648599&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1679648598&sct=1&seg=0&dl=https%3A%2F%2Fapp.arc.market%2F&dt=ARC%20%7C%20All%20of%20Crypto%20in%20just%203%20clicks&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CC4MCJ6MMG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:03:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.arc.market
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L67489R3LS&gtm=45je33m0&_p=30142303&cid=1124915910.1679648599&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1679648598&sct=1&seg=0&dl=https%3A%2F%2Fapp.arc.market%2F&dt=ARC%20%7C%20All%20of%20Crypto%20in%20just%203%20clicks&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L67489R3LS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.arc.market/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 09:03:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.arc.market
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arc.market/	1970-01-20 20:10:08	Name: _ga Value: GA1.1.1124915910.1679648599
.arc.market/	1970-01-20 20:10:08	Name: _ga_CC4MCJ6MMG Value: GS1.1.1679648598.1.1.1679648601.0.0.0
.arc.market/	1970-01-20 20:10:08	Name: _ga_L67489R3LS Value: GS1.1.1679648598.1.1.1679648601.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lunarcrush.com/api3/coins/2 Message: Failed to load resource: the server responded with a status of 402 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	worker-src blob:; default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.arc.market
app.arc.market
d101uh3ctozg3i.cloudfront.net
fonts.googleapis.com
lunarcrush.com
play-lh.googleusercontent.com
region1.google-analytics.com
tokens.1inch.io
vercel.live
www.googletagmanager.com
2001:4860:4802:34::36
2600:9000:236e:5c00:f:b5a:f80:21
2606:4700:10::6816:acf
2606:4700:4400::6812:2a64
2a00:1450:4001:801::2008
2a00:1450:4001:806::2016
2a00:1450:4001:80e::200a
52.205.30.39
76.76.21.21
76.76.21.93
0261e0a326a201b70636815b8d1712153416088e2e3428c7b9f7493be15b2a42
0448f76a486454a7b71d3a79b6886b18df62c84d6bfb77022df40e7f62e77788
09718aa0dcf97f6cc0e2f82ce5b7da7d0b53ef20c99009b287894757b60f7ebc
0a1adef5a98638c3550e21993b3ee78504854e1bcf854bea656bf22c3af5490d
0b789cf651d97abe836e702ca143b170bb2b99b706917e658e9b07b2daf82c79
13924289edf21ada5479d8d827678783dd88ab74bc87aae70d784a6e4fa6618f
322a04b6a58b1d7b8079c08af35190067979ffaf13cd12d2e8137b252e0a76e7
39d78fc2e8f26aca8d00da924af93d30133d1f871bfa03a1b8a1dd9fc6a94ccd
4b38267ff0e262d4858e47dcca762ba8c0a3c77563dabe87eecf0211992f5065
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
51daddf4e03b50a523824385778f2ae26204963191a95b61917f9a048753309c
56885d00e8b7e140a27c32454a7b8a392b37486e4bf1f062010594de0550a012
70a56351c2754ddc0e930ee2fdd837d6c184494a508301124b8ec0e85f2c9d9f
7f4cff201c8b7f3f7089e88bf955f9d64921c983dc985824b46031a1224853d5
8c302782cd2e0dbf9da594f466553b16856fbc8723828111ab95d9ca55892608
9259aaa9e17627f8e368a62ad6ca4372e7b63de12978587d98a889d67c987f02
939c0c679c0c6a6915ffdaed007fd767960f6d0cf9b38136e834ce1e93bbe807
ab94f75dd2b5efc5e3b0b9dc17e3f92a8fd66ae66bb1d0a6918778ddefcf6322
ac938edbd57363d05a42d629b8169c5012b1c4547cf90b5af48a55a8648727ea
b163ee49e4a5ed0eb4ced5f9b0143bfc50a3d00da442c6565f26cc68e6649191
b4602c08be5cb9a108f62c4e920b68472db9baf98022db0be7be1dbc3afaaeca
b54056ad62fa35f6e8a235cf53e2a0e82995249b6b16865eac7deaef339bd118
d2a3fc9f5e7c469727491261130669835d0a2a62eb2c60ca371031ce3da6c6ad
dd0c0a7ea1b5619be3a58ff65abfe13d6982230cc53a6687c8aca93594d61765
de8637398766ce113deae5d89f10686455b8e6b3151864d832027a6b017e55b8
e2f79e5b60330bba4c289962231b6ba2957d0b14e7deb3110417003c79dea635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8773b7aa1590bcb9ca6151454479814a6606f120c733d7bdaefcb0687a8cfaa
f8a62791425b05b88de1382e2d5ccc9c20c0d80c7c846618ff2cb6c91838c6d6
fd1d003cbeb108930e060dcb3c780447c9b0b92002cbdf5bc1c958015b91eacd
fef78445f5897bf8b81095305573147350ca35bb0e6d52c147d4477b59082f12

app.arc.market Open in urlscan Pro 76.76.21.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

70 %IPv6

9 Domains

10 Subdomains

11 IPs

2 Countries

2976 kBTransfer

10866 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.arc.market Open in urlscan Pro
76.76.21.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

2976 kB
Transfer

10866 kB
Size

3
Cookies

35 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!