arbether.finance Open in urlscan Pro
169.60.48.10 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arbether.finance/
Effective URL:
https://arbether.finance/
Submission: On April 20 via api (April 20th 2023, 1:40:05 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 169.60.48.10, located in and belongs to SOFTLAYER, US. The main domain is arbether.finance.
TLS certificate: Issued by R3 on April 12th 2023. Valid for: 3 months.

This is the only time arbether.finance was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 10	169.60.48.10 169.60.48.10	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
3	2606:50c0:800... 2606:50c0:8000::154	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	3.208.184.228 3.208.184.228	14618 (AMAZON-AES) (AMAZON-AES)
20	6

10 169.60.48.10 (None, ) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: hs30.name.tools

arbether.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.208.184.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-184-228.compute-1.amazonaws.com

mainnet.infura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	arbether.finance 1 redirects arbether.finance	4 MB
4	infura.io mainnet.infura.io — Cisco Umbrella Rank: 24521	526 B
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	362 B
3	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3635	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	77 KB
20	5

	Domain	Requested by
10	arbether.finance	1 redirects arbether.finance
4	mainnet.infura.io	arbether.finance
3	region1.google-analytics.com	www.googletagmanager.com
3	raw.githubusercontent.com	arbether.finance
1	www.googletagmanager.com	arbether.finance
20	5

This site contains links to these domains. Also see Links.

Domain
etherscan.io

Subject Issuer	Validity	Valid
arbether.finance R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.infura.io Amazon RSA 2048 M01	`2023-02-28` - `2024-01-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://arbether.finance/
Frame ID: E05471955215A3104FE3DC9BEB796E8B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ARBETH Swap Interfacelogo

Page URL History Show full URLs

http://arbether.finance/ HTTP 301
https://arbether.finance/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

4309 kB
Transfer

4487 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://etherscan.io/gastracker

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arbether.finance/ HTTP 301
https://arbether.finance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arbether.finance/
Redirect Chain

http://arbether.finance/
https://arbether.finance/

5 KB
5 KB

391ms
130ms

Document
text/html

169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 006b4f63058c5c19788f825f5d68eec5a698a5e7d8ce0705d71423a63960652f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 5211
content-type: text/html
date: Thu, 20 Apr 2023 13:39:58 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 20 Apr 2023 13:39:58 GMT
Keep-Alive: timeout=20, max=100
Location: https://arbether.finance/
Server: Apache

GET
H2 200 Inter-roman.var.woff2
arbether.finance/fonts/ 222 KB
223 KB 130ms
130ms Font
font/woff2 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/fonts/Inter-roman.var.woff2
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: d2d2d11234d0d74c0ed3e9727ef07ac8422cbd5b356296b0f87f679c9f74ce83

Request headers

Referer: https://arbether.finance/
Origin: https://arbether.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:39:58 GMT
last-modified: Fri, 10 Jun 2022 12:57:14 GMT
server: Apache
accept-ranges: bytes
content-length: 227688
content-type: font/woff2

GET
H2 200 3.83e03661.chunk.css
arbether.finance/static/css/ 5 KB
5 KB 130ms
130ms Stylesheet
text/css 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/css/3.83e03661.chunk.css
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 37106a4fe323e5d617ad8e9b061be87d5baa3c1a15f5e3a3f2137e9f2a18c641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:39:58 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 5331
content-type: text/css

GET
H2 200 3.1e308b9b.chunk.js Show response
arbether.finance/static/js/ 2 MB
2 MB 130ms
130ms Script
application/javascript 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/js/3.1e308b9b.chunk.js
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 3d6286fcaf59b0da6d7fdd5700f50b54e536587ea417604fefae90bb00cf4951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:39:58 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 2483738
content-type: application/javascript

GET
H2 200 main.7a2bbc37.chunk.js Show response
arbether.finance/static/js/ 671 KB
671 KB 646ms
645ms Script
application/javascript 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 25c7f9da6d37417078d22914a2d81ac26981eeb330a32ca2461af7144ffd4725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:39:58 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 686812
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 38ms
16ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/3.1e308b9b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54614ce0132b87c77dca7aee3cee02f3ef0f1b185239cccb8babb80ebad9693d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 13:40:00 GMT

GET
H2 200 16.a7df63a1.chunk.js Show response
arbether.finance/static/js/ 40 KB
40 KB 131ms
130ms Script
application/javascript 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/js/16.a7df63a1.chunk.js
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 6821812182f1cdf57f40db926c0e6de8a2effc9a04ae8f116ba7dab221528e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:00 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 41149
content-type: application/javascript

GET
H2 200 6.eadbd1b7.chunk.js Show response
arbether.finance/static/js/ 118 KB
118 KB 130ms
130ms Script
application/javascript 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/js/6.eadbd1b7.chunk.js
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 4039bd35c0feaf9bafeca6d49eddd370957b3729ef1317ec9c3790749ca7a879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:00 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 120869
content-type: application/javascript

GET
H2 200 8.f10461aa.chunk.js Show response
arbether.finance/static/js/ 6 KB
6 KB 130ms
129ms Script
application/javascript 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://arbether.finance/static/js/8.f10461aa.chunk.js
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: 4ee0157a0c1a112652b9b803d81c491c80cf8a74f595c24b78b146c54249a8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:00 GMT
last-modified: Tue, 18 Apr 2023 02:53:56 GMT
server: Apache
accept-ranges: bytes
content-length: 6429
content-type: application/javascript

GET
H2 200 background.png
arbether.finance/images/ 727 KB
727 KB 130ms
130ms Image
image/png 169.60.48.10
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arbether.finance/images/background.png
Requested by: Host: arbether.finance
URL: https://arbether.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.60.48.10 -, , ASN36351 (SOFTLAYER, US),
Reverse DNS: hs30.name.tools
Software: Apache /
Resource Hash: a112c71852452c0c5e6ff24112a4aacae4117a8a7c3d3261d7b9e314e5d30d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:40:00 GMT
last-modified: Sat, 08 Apr 2023 07:06:26 GMT
server: Apache
accept-ranges: bytes
content-length: 743977
content-type: image/png

GET
H2 200 ba-sec-list.json Show response
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ 9 KB
3 KB 128ms
112ms Fetch
text/plain 2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d386b47788b8a9b4a2c05ece2ea499f938bb03391c271fdb0b5b8a36b6aa099d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: 9bf8358f2a23b740a1f889f3c69438c82104e45e
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 13:40:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
content-length: 2513
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220020-HHN
x-github-request-id: FDAC:7C33:BC878:116604:644140B0
x-timer: S1681998000.266317,VS0,VE106
etag: W/"cd2dc15eb651e55c6ea6a8afe8994f65144c05370cc94561dc54b0bc0e83772c"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 20 Apr 2023 13:45:00 GMT

GET
H2 200 ba-sec-list.json Show response
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ 9 KB
3 KB 128ms
114ms Fetch
text/plain 2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d386b47788b8a9b4a2c05ece2ea499f938bb03391c271fdb0b5b8a36b6aa099d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: 17cefe5f5a742c61a935fd595ccb460a5b0c44ac
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 13:40:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
content-length: 2513
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220020-HHN
x-github-request-id: FDAC:7C33:BC878:116604:644140B0
x-timer: S1681998000.266419,VS0,VE106
etag: W/"cd2dc15eb651e55c6ea6a8afe8994f65144c05370cc94561dc54b0bc0e83772c"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 20 Apr 2023 13:45:00 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 652dfd986bf937c8d2e459d25114ed12551d8dde4f8e6dbedd199670d672352a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ba-sec-list.json Show response
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ 9 KB
3 KB 53ms
53ms Fetch
text/plain 2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d386b47788b8a9b4a2c05ece2ea499f938bb03391c271fdb0b5b8a36b6aa099d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: 8ac6b63eaf8bec0bb8cd8d5cff3663bb005fcc1f
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 13:40:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
content-length: 2513
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220020-HHN
x-github-request-id: FDAC:7C33:BC878:116604:644140B0
x-timer: S1681998000.326956,VS0,VE46
etag: W/"cd2dc15eb651e55c6ea6a8afe8994f65144c05370cc94561dc54b0bc0e83772c"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 20 Apr 2023 13:45:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 50ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je34c0&_p=1935776317&cid=1029856000.1681998000&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681998000&sct=1&seg=0&dl=https%3A%2F%2Farbether.finance%2F&dt=ARBETH%20Swap%20Interface&en=timing_complete&_fv=1&_nsi=1&_ss=1&_ee=1&ep.storage=none&ep.storeGac=false&ep.name=FCP&epn.value=957&ep.event_category=Web%20Vitals&ep.event_label=v2-1681998000251-8081771793293
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 13:40:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arbether.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je34c0&_p=1935776317&cid=1029856000.1681998000&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2F&sid=1681998000&sct=1&seg=1&dl=https%3A%2F%2Farbether.finance%2F&dt=ARBETH%20Swap%20Interface&en=page_view&_ee=1&ep.storage=none&ep.storeGac=false&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 13:40:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arbether.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je34c0&_p=1935776317&cid=1029856000.1681998000&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1681998000&sct=1&seg=1&dl=https%3A%2F%2Farbether.finance%2F&dt=ARBETH%20Swap%20Interface&en=scroll&ep.storage=none&ep.storeGac=false&epn.percent_scrolled=90&_et=48
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arbether.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 13:40:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arbether.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 403 099fc58e0de9451d80b18d7c74caa7c1 Show response
mainnet.infura.io/v3/ 90 B
263 B 96ms
96ms Fetch
text/plain 3.208.184.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.184.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-184-228.compute-1.amazonaws.com

Software

Resource Hash

1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://arbether.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://arbether.finance
date: Thu, 20 Apr 2023 13:40:00 GMT
x-content-type-options: nosniff
content-length: 90
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ 0
0 313ms
97ms Preflight 3.208.184.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.184.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-184-228.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://arbether.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://arbether.finance
access-control-max-age: 86400
content-length: 0
date: Thu, 20 Apr 2023 13:40:00 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 403 099fc58e0de9451d80b18d7c74caa7c1 Show response
mainnet.infura.io/v3/ 90 B
263 B 97ms
96ms Fetch
text/plain 3.208.184.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

Requested by

Host: arbether.finance
URL: https://arbether.finance/static/js/main.7a2bbc37.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.184.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-184-228.compute-1.amazonaws.com

Software

Resource Hash

1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://arbether.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://arbether.finance
date: Thu, 20 Apr 2023 13:40:01 GMT
x-content-type-options: nosniff
content-length: 90
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 099fc58e0de9451d80b18d7c74caa7c1
mainnet.infura.io/v3/ 0
0 96ms
96ms Preflight 3.208.184.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.184.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-184-228.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://arbether.finance
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://arbether.finance
access-control-max-age: 86400
content-length: 0
date: Thu, 20 Apr 2023 13:40:00 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uniswap (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.arbether.finance/	1970-01-20 20:49:18	Name: _ga Value: GA1.1.1029856000.1681998000
			.arbether.finance/	1970-01-20 20:49:18	Name: _ga_KDP9B6W4H8 Value: GS1.1.1681998000.1.1.1681998000.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arbether.finance
mainnet.infura.io
raw.githubusercontent.com
region1.google-analytics.com
www.googletagmanager.com
169.60.48.10
2001:4860:4802:34::36
2606:50c0:8000::154
2a00:1450:4001:802::2008
3.208.184.228
006b4f63058c5c19788f825f5d68eec5a698a5e7d8ce0705d71423a63960652f
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6
25c7f9da6d37417078d22914a2d81ac26981eeb330a32ca2461af7144ffd4725
37106a4fe323e5d617ad8e9b061be87d5baa3c1a15f5e3a3f2137e9f2a18c641
3d6286fcaf59b0da6d7fdd5700f50b54e536587ea417604fefae90bb00cf4951
4039bd35c0feaf9bafeca6d49eddd370957b3729ef1317ec9c3790749ca7a879
4ee0157a0c1a112652b9b803d81c491c80cf8a74f595c24b78b146c54249a8f1
54614ce0132b87c77dca7aee3cee02f3ef0f1b185239cccb8babb80ebad9693d
652dfd986bf937c8d2e459d25114ed12551d8dde4f8e6dbedd199670d672352a
6821812182f1cdf57f40db926c0e6de8a2effc9a04ae8f116ba7dab221528e0a
a112c71852452c0c5e6ff24112a4aacae4117a8a7c3d3261d7b9e314e5d30d97
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
d2d2d11234d0d74c0ed3e9727ef07ac8422cbd5b356296b0f87f679c9f74ce83
d386b47788b8a9b4a2c05ece2ea499f938bb03391c271fdb0b5b8a36b6aa099d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

arbether.finance Open in urlscan Pro 169.60.48.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

4309 kBTransfer

4487 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

arbether.finance Open in urlscan Pro
169.60.48.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

4309 kB
Transfer

4487 kB
Size

2
Cookies

20 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!