Submitted URL: http://xrp-fund.org/
Effective URL: https://xrp-fund.org/
Submission: On April 12 via manual submission

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 178.210.87.58, located in the Russian Federation and belonging to RU-CENTER, RU. The main domain is xrp-fund.org.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on April 10th 2021. Valid for: 6 months.
This is the only time xrp-fund.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
13        178.210.87.58       48287 (RU-CENTER)      (1 redirect)
2         2606:4700::68...    13335 (CLOUDFLAR...)
3         151.139.128.8       20446 (HIGHWINDS3)
2         185.129.100.100     57724 (DDOS-GUARD)
1         151.101.112.193     54113 (FASTLY)
1         2600:9000:218...    16509 (AMAZON-02)
1         52.59.167.155       16509 (AMAZON-02)
Total: 22 requests, 8 IPs

Requests  Domain                 Requested by
13        xrp-fund.org           xrp-fund.org (1 redirect)
3         pro.fontawesome.com    xrp-fund.org, pro.fontawesome.com
2         check.ddos-guard.net   xrp-fund.org
2         unpkg.com              xrp-fund.org
1         ceoeth.matomo.cloud    cdn.matomo.cloud
1         cdn.matomo.cloud       xrp-fund.org
1         i.imgur.com            xrp-fund.org
Total: 22 requests, 7 domains

This site contains no links.

Subject                Issuer                                           Validity                   Valid for
xrp-fund.org           Encryption Everywhere DV TLS CA - G1             2021-04-10 to 2021-10-06   6 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                          2020-08-02 to 2021-08-02   a year
*.fontawesome.com      DigiCert TLS RSA SHA256 2020 CA1                 2020-11-13 to 2021-12-14   a year
*.ddos-guard.net       Sectigo RSA Domain Validation Secure Server CA   2019-07-03 to 2021-07-02   2 years
*.imgur.com            DigiCert SHA2 Secure Server CA                   2020-01-15 to 2022-03-16   2 years
cdn.matomo.cloud       Amazon                                           2021-01-28 to 2022-02-25   a year
*.matomo.cloud         R3                                               2021-04-12 to 2021-07-11   3 months
(Each certificate is linked to its crt.sh lookup.)

This page contains 1 frame:

Primary Page: https://xrp-fund.org/
Frame ID: 4C146A3D33F96C1BC1D7D049D93357F4
Requests: 23 HTTP requests in this frame


Page URL History

  1. http://xrp-fund.org/ HTTP 301
    https://xrp-fund.org/ Page URL

Detected technologies

Ubuntu (identified from the server header; overall confidence: 100%)
Detected patterns
  • headers server /Ubuntu/i

nginx (identified from the server header; overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  Requests: 22
  HTTPS: 100 %
  IPv6: 29 %
  Domains: 6
  Subdomains: 7
  IPs: 8
  Countries: 3
  Transfer: 773 kB
  Size: 1545 kB
  Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xrp-fund.org/ HTTP 301
    https://xrp-fund.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Each transaction is listed as: Resource, Path, Size, x-fer (bytes transferred), Type/MIME-Type.

Resource: Primary Request /  Path: xrp-fund.org/  Size: 25 KB  x-fer: 5 KB  Type: Document
Redirect Chain: http://xrp-fund.org/ -> https://xrp-fund.org/
General
Full URL
https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c3334b82eebc70a2f34466cda9ed8859a4895592472b4fd6830c03022b0722af

Request headers

:method
GET
:authority
xrp-fund.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Mon, 12 Apr 2021 23:18:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 12 Apr 2021 23:18:44 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
318
Connection
keep-alive
Location
https://xrp-fund.org/
Resource: aos.css  Path: unpkg.com/aos@2.3.1/dist/  Size: 25 KB  x-fer: 2 KB  Type: Stylesheet
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9314470
vary
Accept-Encoding
cf-request-id
0969fa6950000005bf27ad6000000001
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
9c017b16d92f90b838e8256af674bcb6
cache-control
public, max-age=31536000
cf-ray
63f02ceeea5a05bf-FRA
Resource: all.css  Path: pro.fontawesome.com/releases/v5.10.0/css/  Size: 153 KB  x-fer: 30 KB  Type: Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Origin
https://xrp-fund.org
Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 15:21:55 GMT
etag
"aa1272633e7e552395d147a499bad186"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1618269524.cds158.fr8.hn,1618269524.cds225.fr8.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
30107
Resource: app.css  Path: xrp-fund.org/dist/css/  Size: 0  x-fer: 0  Type: Stylesheet
General
Full URL
https://xrp-fund.org/dist/css/app.css
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=utf-8
Resource: app.css  Path: xrp-fund.org/css/  Size: 26 KB  x-fer: 5 KB  Type: Stylesheet
General
Full URL
https://xrp-fund.org/css/app.css
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d0097a7985b09d917f0c53c9f8d1e0f2c93f306e291416c93e9460b112f611a3

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 10:19:07 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"60717b9b-676b"
vary
Accept-Encoding
content-type
text/css
Resource: check.js  Path: check.ddos-guard.net/  Size: 152 B  x-fer: 490 B  Type: Script
General
Full URL
https://check.ddos-guard.net/check.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
017753b655d2c94f7cb0fcf45db5c2fda057aaa4e8e4653963ef251519ad0b3b

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
ddos-guard
etag
22xDUUvIfGpPnVA0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private, s-maxage=0, max-age=31536000
content-type
application/javascript
content-length
152
expires
Tue, 12 Apr 2022 23:18:44 GMT
Resource: logo.png  Path: xrp-fund.org/images/content/  Size: 33 KB  x-fer: 33 KB  Type: Image
General
Full URL
https://xrp-fund.org/images/content/logo.png
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7a1202d817d51f33d93ea003ba5555f0607903360f81349060811d976363a3fe

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Sat, 10 Apr 2021 10:19:07 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"60717b9b-8525"
content-length
34085
content-type
image/png
Resource: person.jpeg  Path: xrp-fund.org/images/content/  Size: 6 KB  x-fer: 7 KB  Type: Image
General
Full URL
https://xrp-fund.org/images/content/person.jpeg
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3722e664ee6f3aa843e4280f251e59d1473706574ecdb8c1423c21f11976896e

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Sat, 10 Apr 2021 10:19:07 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"60717b9b-1986"
content-length
6534
content-type
image/jpeg
Resource: coin.png  Path: xrp-fund.org/images/content/  Size: 44 KB  x-fer: 44 KB  Type: Image
General
Full URL
https://xrp-fund.org/images/content/coin.png
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
47d49ac48c48a8901a581edf4f8d9a309527d3bd56f6b525d1592cd5d046cf2e

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Sat, 10 Apr 2021 10:19:07 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"60717b9b-b04d"
content-length
45133
content-type
image/png
Resource: usd-ico.svg  Path: xrp-fund.org/images/content/  Size: 2 KB  x-fer: 1 KB  Type: Image
General
Full URL
https://xrp-fund.org/images/content/usd-ico.svg
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68bd7884e1c3b43ee3bd7d93aba68513f24b1273558962b69cbe672644fd215a

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 10:19:07 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"60717b9b-8d9"
vary
Accept-Encoding
content-type
image/svg+xml
Resource: PSaZJAQ.jpg  Path: i.imgur.com/  Size: 15 KB  x-fer: 15 KB  Type: Image
General
Full URL
https://i.imgur.com/PSaZJAQ.jpg
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8c101c127cbaca7029d3d578fa9c7bfe53a879d7ae5a34b8ad57af7c80bae896
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
x-content-type-options
nosniff
age
292718
x-cache
MISS, HIT
content-length
15214
x-served-by
cache-bwi5120-BWI, cache-hhn4082-HHN
last-modified
Fri, 09 Apr 2021 14:00:06 GMT
server
cat factory 1.0
x-timer
S1618269524.380030,VS0,VE1
etag
"f7ac24fffac4d35b0e7444789119781a"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 1
Resource: aos.js  Path: unpkg.com/aos@2.3.1/dist/  Size: 14 KB  x-fer: 4 KB  Type: Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4806626
vary
Accept-Encoding
cf-request-id
0969fa697e000005bf6d290000000001
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
59968eea5933b4b373339cae778b6946
cache-control
public, max-age=31536000
cf-ray
63f02cef3aa605bf-FRA
Resource: jquery-1.11.1.min.js  Path: xrp-fund.org/static/  Size: 94 KB  x-fer: 33 KB  Type: Script
General
Full URL
https://xrp-fund.org/static/jquery-1.11.1.min.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 10:19:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"60717b9c-1762a"
vary
Accept-Encoding
content-type
application/javascript
Resource: toast.min.js  Path: xrp-fund.org/static/  Size: 2 KB  x-fer: 1 KB  Type: Script
General
Full URL
https://xrp-fund.org/static/toast.min.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
475461dbaecdabf79083b4374920d5cbf7f9d2334c1e2b991416db0bb3227006

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 10:19:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"60717b9c-882"
vary
Accept-Encoding
content-type
application/javascript
Resource: app.js  Path: xrp-fund.org/js/  Size: 614 KB  x-fer: 188 KB  Type: Script
General
Full URL
https://xrp-fund.org/js/app.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
40c03d9eb381232262270f6266e81db9affdd08bb8bd56bd9d6551e6b3c45a21

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 10:19:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"60717b9c-99903"
vary
Accept-Encoding
content-type
application/javascript
Resource: matomo.js  Path: cdn.matomo.cloud/ceoeth.matomo.cloud/  Size: 125 KB  x-fer: 37 KB  Type: Script
General
Full URL
https://cdn.matomo.cloud/ceoeth.matomo.cloud/matomo.js
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:b200:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8305ff999b656765973cf7c0dfd59f2fc048db655adc9b3a4b996c1bc02e743b

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 12 Apr 2021 23:18:45 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 09:57:53 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
W/"ed84e925965176e13f3b834c28e9c8be"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-cf-id
K-2sD4qvKHrqs44nSYpfHSM3rMrTJGwUHYR68WypY5qXs8705O5rYA==
Resource: truncated  Path: /  Size: 501 B  x-fer: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e681315667a7e8214de4505ba89694f7dfb051de8161a6ba95191fb5eac7f96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: OpenSans-Regular.1b0809.ttf  Path: xrp-fund.org/fonts/  Size: 95 KB  x-fer: 95 KB  Type: Font
General
Full URL
https://xrp-fund.org/fonts/OpenSans-Regular.1b0809.ttf
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/css/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

Origin
https://xrp-fund.org
Referer
https://xrp-fund.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Sat, 10 Apr 2021 10:19:08 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"17aa4-5bf9b9c611f00"
content-length
96932
content-type
application/font-sfnt
Resource: fa-solid-900.woff2  Path: pro.fontawesome.com/releases/v5.10.0/webfonts/  Size: 120 KB  x-fer: 120 KB  Type: Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Origin
https://xrp-fund.org
Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Mon, 29 Jul 2019 15:23:53 GMT
etag
"88fd444847dc842d15e229df26571b03"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
123004
x-hw
1618269524.cds158.fr8.hn,1618269524.cds236.fr8.c
Resource: fa-regular-400.woff2  Path: pro.fontawesome.com/releases/v5.10.0/webfonts/  Size: 149 KB  x-fer: 149 KB  Type: Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867

Request headers

Origin
https://xrp-fund.org
Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
last-modified
Mon, 29 Jul 2019 15:23:08 GMT
etag
"d4e531cbdfed1cd2094595d8779f28a4"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
152164
x-hw
1618269524.cds158.fr8.hn,1618269524.cds210.fr8.c
Resource: 22xDUUvIfGpPnVA0  Path: xrp-fund.org/.well-known/ddos-guard/id/  Size: 2 KB  x-fer: 2 KB  Type: Image
General
Full URL
https://xrp-fund.org/.well-known/ddos-guard/id/22xDUUvIfGpPnVA0
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.210.87.58 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
lite614302.nichost.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80c64fc4cc0a490aed8ae2637dd65b2ffadf682eefe1c3ec75560247273088b3

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:18:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=utf-8
Resource: 22xDUUvIfGpPnVA0  Path: check.ddos-guard.net/set/id/  Size: 68 B  x-fer: 252 B  Type: Image
General
Full URL
https://check.ddos-guard.net/set/id/22xDUUvIfGpPnVA0
Requested by
Host: xrp-fund.org
URL: https://xrp-fund.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.100 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 23:18:44 GMT
server
ddos-guard
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache
content-type
image/png
content-length
68
expires
Thu, 01 Jan 1970 00:00:00 GMT
Resource: matomo.php  Path: ceoeth.matomo.cloud/  Size: 0  x-fer: 314 B  Type: Other
General
Full URL
https://ceoeth.matomo.cloud/matomo.php?action_name=Ripple%20Giveaway&idsite=2&rec=1&r=727870&h=1&m=18&s=44&url=https%3A%2F%2Fxrp-fund.org%2F&_id=6dd0a9a6d637a369&_idn=1&_refts=0&send_image=0&cookie=1&res=1600x1200&pv_id=od9j8c&pf_net=131.13499991595745&pf_srv=62.785000540316105&pf_tfr=0.8649993687868118
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/ceoeth.matomo.cloud/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.167.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-167-155.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xrp-fund.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://xrp-fund.org
Date
Mon, 12 Apr 2021 23:18:44 GMT
Cache-Control
max-age=691200
Access-Control-Allow-Credentials
true
Server
Apache
Vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
Expires
Tue, 20 Apr 2021 23:18:44 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  object    ontransitionrun
  object    ontransitionstart
  object    ontransitioncancel
  object    cookieStore
  function  showDirectoryPicker
  function  showOpenFilePicker
  function  showSaveFilePicker
  object    trustedTypes
  boolean   crossOriginIsolated
  object    _paq
  object    AOS
  object    Piwik
  object    Matomo
  object    AnalyticsTracker
  function  piwik_log
  function  $
  function  jQuery
  function  Toast
  function  CopyToClipboard
  object    scrollElem
  function  randomString
  function  randomStringHashBTC
  number    divCounter
  function  randomInteger
  function  randomIntegerBTC
  function  getRandomArbitrary
  function  getRundomMnogitel
  function  GenerateAddress
  function  GenerateHash
  function  genDiv
  number    rand

2 Cookies

Domain/Path     Name             Value
xrp-fund.org/   _pk_ses.2.bc9b   1
xrp-fund.org/   _pk_id.2.bc9b    6dd0a9a6d637a369.1618269524.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
