trastvalets.shop
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission Tags: @ecarlesi threat #phishing #trustwallet Search All
Submission: On September 23 via api from NO — Scanned from NL
Summary
This is the only time trastvalets.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Trustwallet (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
trastvalets.shop
trastvalets.shop |
593 KB |
1 |
crashlytics.ru
api.crashlytics.ru — Cisco Umbrella Rank: 748881 |
705 B |
0 |
trustwalletapp.com
Failed
analytics.trustwalletapp.com Failed |
|
23 | 3 |
Domain | Requested by | |
---|---|---|
21 | trastvalets.shop |
trastvalets.shop
|
1 | api.crashlytics.ru |
trastvalets.shop
|
0 | analytics.trustwalletapp.com Failed |
trastvalets.shop
|
23 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
trustwallet.com |
appgallery.huawei.com |
facebook.com |
github.com |
instagram.com |
twitter.com |
reddit.com |
t.me |
apps.apple.com |
community.trustwallet.com |
support.trustwallet.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
crashlytics.ru GTS CA 1P5 |
2023-08-11 - 2023-11-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://trastvalets.shop/
Frame ID: CC2ECE23D46F6D5C33427E7D8357F19C
Requests: 23 HTTP requests in this frame
17 Outgoing links
These are links going to different origins than the main page.
Title: Assets
Search URL Search Domain Scan URL
Title: Staking
Search URL Search Domain Scan URL
Title: Earn+11% APR
Search URL Search Domain Scan URL
Title: NFTs
Search URL Search Domain Scan URL
Title: DApp Browser
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Crypto Wallet for iOS
Search URL Search Domain Scan URL
Title: Community
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
trastvalets.shop/ |
29 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
plausible.js
analytics.trustwalletapp.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Regular.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/assets/fonts/IBMPlexSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Bold.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/assets/fonts/IBMPlexSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Medium.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/assets/fonts/IBMPlexSans/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
trastvalets.shop/b2530e58478c29984873e1df36b6b627/css/ |
231 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
platform.js
trastvalets.shop/b2530e58478c29984873e1df36b6b627/js/ |
15 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
features-2.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
2 KB 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3steps.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
54 KB 17 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
socials.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
9 KB 4 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trust_logotype.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
14 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flags.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download_buttons.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
53 KB 18 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.svg
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
257 B 984 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Medium.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
58 KB 59 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Bold.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
55 KB 56 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Regular.woff2
trastvalets.shop/b2530e58478c29984873e1df36b6b627/fonts/ |
55 KB 56 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_trustwallet_app.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
132 KB 133 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_cards.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_dex.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_security.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dapp_preview.png
trastvalets.shop/b2530e58478c29984873e1df36b6b627/images/ |
56 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
api.crashlytics.ru/tracking/ |
137 B 705 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- analytics.trustwalletapp.com
- URL
- https://analytics.trustwalletapp.com/js/plausible.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Trustwallet (Crypto)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| UAParser4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
trastvalets.shop/ | Name: flow Value: 11844 |
|
trastvalets.shop/ | Name: PHPSESSID Value: n5j3grbnbsnp5dgqggtsvfu5ub |
|
trastvalets.shop/ | Name: channel_id Value: 811 |
|
trastvalets.shop/ | Name: PHPPREFS Value: full |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.trustwalletapp.com
api.crashlytics.ru
trastvalets.shop
analytics.trustwalletapp.com
188.114.97.3
2a06:98c1:3120::3
067ccd7b3a3dce864ebf5dfe88ea76adcbdb292818e10254b33894685b5a6458
0b253e3337a768af72eb21f987e342de347b9aaf5e02fae1ba8d30f942e8f81a
0eb4b343b36aa2ef18a0ccb84c6b4e6acdbd42565740f356216548523777879f
35c504390954b64fd21322b2f6ddae2888165a6c3c0dddb2db390b6dba9670ba
3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a
42a2f82b8f4a2ae21bf08916bd5b3e8958e47c1fa77f90420d0c7c3ab4e6c071
44ae63e697e7944429e66ea663a056804c506523d5d204a1592540a21b00ec8f
48004b6fa37cde74df6e95aa734026c03162f34f7ea8f215b744d3232ceaf919
61ea304b4cef90b7cbdeb0ca437f90128bd4e52323e19a86e7ea6a50d568d1c8
7e0fcff6654ef33ffca2dbff6a26b2a94612321c39cda664e1f7116769f6b70f
8087e096f948b0f632c3ba9e562b097e049da8c16a459f6598ec9d11be1618c8
9574464982d6510b24574af8dd38b7283f78bc0067771a2f200d2e0a3252f02d
988dafc13c20f44ce185cb96374f53d9a459acb733fc44e19cc1a2e17bbcbfb2
c4d8388921fdcf9c9a7117b16cdb6c212ed663d927a558408c4de3a7f608a1d5
cb21216c0adb781a45b691799566222a0bd8711769d21557a282a1b59a34d963
d033e1cd7b23a6ed209a9c6a324357130232f8dcea448521503ab336c5ec6b59
d875556135e6cd96c417240f22d3744feede77b33fa93287c553193fed04233e
f312756d71db246f713e69ed002bf806bbf4a0578b119a999b75f5c1e05b102c
f530a6aa98e16cbfef28b40d54371d3fa675b162d003f56acf2738b5bfd86115