xmr-tw.org
104.24.99.108
Public Scan
Effective URL: https://xmr-tw.org/
Submission Tags: phishing, malicious
Submission: On May 09 via api from GB
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure Server CA 2 on April 14th 2019. Valid for: 6 months.
This is the only time xmr-tw.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 104.24.98.108 | 13335 (CLOUDFLARENET - Cloudflare)
10 | 104.24.99.108 | 13335 (CLOUDFLARENET - Cloudflare)
1 | 2a00:1450:4001:815::2008 | 15169 (GOOGLE - Google LLC)
1 | 2a00:1450:4001:81f::200a | 15169 (GOOGLE - Google LLC)
2 | 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA - Wikimedia Foundation Inc.)
3 | 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK - Facebook)
1 | 2a00:1450:4001:80b::200a | 15169 (GOOGLE - Google LLC)
1 | 87.98.154.146 | 16276 (OVH)
2 | 2a00:1450:4001:81c::200e | 15169 (GOOGLE - Google LLC)
2 | 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK - Facebook)
Totals: 23 requests, 9 IP addresses
Hostnames by autonomous system:
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): xmr-tw.org
- ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US): upload.wikimedia.org
- ASN32934 (FACEBOOK - Facebook, Inc., US): connect.facebook.net, staticxx.facebook.com, www.facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | xmr-tw.org (1 redirect) | xmr-tw.org | 614 KB
3 | facebook.com | staticxx.facebook.com, www.facebook.com |
2 | google-analytics.com | www.google-analytics.com | 17 KB
2 | facebook.net | connect.facebook.net | 60 KB
2 | wikimedia.org | upload.wikimedia.org | 11 KB
2 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 29 KB
1 | monero.how | www.monero.how |
1 | googletagmanager.com | www.googletagmanager.com | 24 KB
Totals: 23 requests, 8 apex domains
Requests | Domain | Requested by
---|---|---
11 | xmr-tw.org (1 redirect) | xmr-tw.org
2 | www.facebook.com | connect.facebook.net
2 | www.google-analytics.com | www.googletagmanager.com, xmr-tw.org
2 | connect.facebook.net | xmr-tw.org, connect.facebook.net
2 | upload.wikimedia.org | xmr-tw.org
1 | staticxx.facebook.com | connect.facebook.net
1 | www.monero.how | xmr-tw.org
1 | ajax.googleapis.com | xmr-tw.org
1 | fonts.googleapis.com | xmr-tw.org
1 | www.googletagmanager.com | xmr-tw.org
Totals: 23 requests, 10 domains
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid for | Lookup
---|---|---|---|---
sni167022.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-14 - 2019-10-21 | 6 months | crt.sh
*.google-analytics.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months | crt.sh
*.googleapis.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months | crt.sh
*.wikipedia.org | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-11-08 - 2019-11-22 | a year | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-03-08 - 2019-06-06 | 3 months | crt.sh
aponte.ch | Let's Encrypt Authority X3 | 2019-04-15 - 2019-07-14 | 3 months | crt.sh
This page contains 5 frames:
Primary Page: https://xmr-tw.org/
Frame ID: 4B57DC32EA64FEEEADE49953BAA6E595
Requests: 19 HTTP requests in this frame
Frame: https://www.monero.how/widget
Frame ID: BD84F57577FE69867A59DBE499F3C81C
Requests: 1 HTTP request in this frame
Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: C75F6D2DBF27AF337614668CFAE1143A
Requests: 1 HTTP request in this frame
Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=348572471919049&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df23d7d25b1fb03c%26domain%3Dxmr-tw.org%26origin%3Dhttps%253A%252F%252Fxmr-tw.org%252Ff38cb96ec77c7c4%26relation%3Dparent.parent&container_width=253&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2FMoneroTaiwan%2F&locale=zh_TW&sdk=joey&show_facepile=true&small_header=true&width=250
Frame ID: 6C5E9CDC8268247FE547415AF4F5BC69
Requests: 1 HTTP request in this frame
Frame: https://www.facebook.com/v3.2/plugins/group.php?app_id=348572471919049&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df1f66fa365edce8%26domain%3Dxmr-tw.org%26origin%3Dhttps%253A%252F%252Fxmr-tw.org%252Ff38cb96ec77c7c4%26relation%3Dparent.parent&container_width=253&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2FMoneroTaiwan%2F&locale=zh_TW&sdk=joey&show_metadata=false&show_social_context=false&width=250
Frame ID: 8CBA60DEC0830C7BFF8C73CB35899FB4
Requests: 1 HTTP request in this frame
Detected technologies
- Varnish (Cache Tools): headers via /.*Varnish/i
- CloudFlare (CDN): headers server /cloudflare/i
- Facebook (Widgets): script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
- Google Analytics (Analytics): script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i; env /^gaGlobal$/i
- Google Font API (Font Scripts): html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- Google Tag Manager (Tag Managers): env /^google_tag_manager$/i
- jQuery (JavaScript Libraries): env /^jQuery$/i
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
- https://monerobase.com/article/monero_devmeeting_2018-12-16
- In progress
- https://monerobase.com/article/monero_devmeeting_2018-10-14
- User manual / tutorials
- seen in an earlier discussion
- described a possible attack hypothesis
- in this pull request
- https://getmonero.org/2018/09/25/a-post-mortum-of-the-burning-bug.html
- full report on HackerOne
- first raised on GitHub
- fixed by moneromooo in this PR
- full report on how this vulnerability was exploited
- fixed in this PR
- view here
- https://getmonero.org/2018/09/05/a-post-mortum-of-the-multiple-counting-bug-2018-09-05.html
- XMR.to block explorer
- XMRchain block explorer
- Monerohash block explorer
- MorphToken
- XMR.TO
- LocalMonero
- Mining pool hashrate distribution
- Global node distribution
- Creative Commons Attribution 4.0 International License
- Hexo
- (4 links without title text)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://xmr-tw.org/ (HTTP 301)
- https://xmr-tw.org/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H2 | / | xmr-tw.org/ | 48 KB | 14 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | js | www.googletagmanager.com/gtag/ | 63 KB | 24 KB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 858 B | 475 B | Stylesheet | text/css |
GET | H2 | style.css | xmr-tw.org/css/ | 24 KB | 5 KB | Stylesheet | text/css |
GET | H2 | logowspace.png | xmr-tw.org/images/site/ | 36 KB | 36 KB | Image | image/png |
GET | H2 | v0.14.png | xmr-tw.org/2019/02/21/monero-0-14-0-release/ | 359 KB | 360 KB | Image | image/png |
GET | H2 | officiallinkwallet.png | xmr-tw.org/images/site/ | 43 KB | 43 KB | Image | image/png |
GET | H2 | Get_it_on_Google_play.svg | upload.wikimedia.org/wikipedia/commons/c/cd/ | 22 KB | 5 KB | Image | image/svg+xml |
GET | H2 | Download_on_the_App_Store_Badge.svg | upload.wikimedia.org/wikipedia/commons/3/3c/ | 12 KB | 5 KB | Image | image/svg+xml |
GET | H2 | brave.png | xmr-tw.org/images/site/ | 101 KB | 102 KB | Image | image/png |
GET | H2 | sdk.js | connect.facebook.net/zh_TW/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.0.3/ | 82 KB | 29 KB | Script | text/javascript |
GET | H2 | jquery.fancybox.css | xmr-tw.org/fancybox/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H2 | jquery.fancybox.pack.js | xmr-tw.org/fancybox/ | 23 KB | 8 KB | Script | application/javascript |
GET | H2 | script.js | xmr-tw.org/js/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | widget | www.monero.how/ | 0 | 0 | Document | text/html | Frame BD84
GET | H2 | sdk.js | connect.facebook.net/zh_TW/ | 195 KB | 58 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif |
GET | H2 | fontawesome-webfont.woff | xmr-tw.org/css/fonts/ | 43 KB | 44 KB | Font | font/woff |
GET | H2 | d_vbiawPdxB.js | staticxx.facebook.com/connect/xd_arbiter/r/ | 0 | 0 | Document | text/html | Frame C75F
GET | H2 | page.php | www.facebook.com/v3.2/plugins/ | 0 | 0 | Document | text/html | Frame 6C5E
GET | H2 | group.php | www.facebook.com/v3.2/plugins/ | 0 | 0 | Document | text/html | Frame 8CBA
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onselectstart
- object: onselectionchange
- function: queueMicrotask
- function: gtag
- object: dataLayer
- object: FB
- object: google_tag_manager
- string: GoogleAnalyticsObject
- function: ga
- object: google_tag_data
- object: gaplugins
- object: gaGlobal
- object: gaData
- function: $
- function: jQuery
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.monero.how/ | _gid | GA1.2.444057970.1557387612
.xmr-tw.org/ | _gat_gtag_UA_101869289_1 | 1
.monero.how/ | _ga | GA1.2.423950206.1557387612
.xmr-tw.org/ | _gid | GA1.2.1657880946.1557387612
www.monero.how/ | SERVERID68970 | 264063
.xmr-tw.org/ | _ga | GA1.2.856232318.1557387612
.monero.how/ | _gat | 1
.xmr-tw.org/ | __cfduid | d4ffef071b20cfc74dadfbe33ade5bcbf1557387611
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.