prodownloadtrust.top

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3033::ac43:d0c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is prodownloadtrust.top.
TLS certificate: Issued by GTS CA 1P5 on July 11th 2023. Valid for: 3 months.

This is the only time prodownloadtrust.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: imToken (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3033::ac43:d0c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	1

1 2606:4700:3032::6815:246 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

downloadtrustpro.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:d0c6 (United States)

ASN13335 (CLOUDFLARENET, US)

prodownloadtrust.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	prodownloadtrust.top prodownloadtrust.top	112 KB
1	downloadtrustpro.top 1 redirects downloadtrustpro.top	442 B
5	2

	Domain	Requested by
5	prodownloadtrust.top	prodownloadtrust.top
1	downloadtrustpro.top	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
prodownloadtrust.top GTS CA 1P5	`2023-07-11` - `2023-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prodownloadtrust.top/
Frame ID: 1FD552C2A1A8CA028CDDF19FBF68FAAA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trust Wallet

Page URL History Show full URLs

https://downloadtrustpro.top/ HTTP 301
https://prodownloadtrust.top/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

112 kB
Transfer

223 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://downloadtrustpro.top/ HTTP 301
https://prodownloadtrust.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response prodownloadtrust.top/ Redirect Chain https://downloadtrustpro.top/ https://prodownloadtrust.top/	2 KB 1 KB	496ms 323ms	Document text/html	2606:4700:3033::ac43:d0c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prodownloadtrust.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d0c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a1e6323fc994f3e43dbbb13bf430c552e265df3762cfacae890ccab43f887508` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e58891329612c22-FRA content-encoding br content-type text/html date Wed, 12 Jul 2023 10:17:16 GMT last-modified Wed, 12 Jul 2023 02:35:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyew3CKz3JzITK%2BZP%2FyZso%2BG%2B94LkVtdcUcslaF1wVkT6q4RgbAhX2kZ7R2KkO8CmcWhHBeA95mJ46wYci33mM6XxFWOOL5K%2FRbcdjzaiqPvcrA8RJ2dc6cM%2FtAo56rl5gfWGZh5GDwRJk5HmylcgER5WA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e58890fffde360f-FRA content-type text/html date Wed, 12 Jul 2023 10:17:15 GMT location https://prodownloadtrust.top/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxznRTyvgjjp1KJo9FZpQoJVl7ptG%2Be2jevgpcT8IKe03E65JCTHnXSx9Jz2ixM9MqTwuBmRvJmYex1olAW3mWCMI%2FG18kHVOE%2F9dNf6YH20svBEhfEcllybisk4FsWRPcPF9b6KyUJdRwIXwSwpHXaiPw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	index.css prodownloadtrust.top/css/	2 KB 988 B	339ms 337ms	Stylesheet text/css	2606:4700:3033::ac43:d0c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prodownloadtrust.top/css/index.css Requested by Host: prodownloadtrust.top URL: https://prodownloadtrust.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d0c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41817bd8fdd01e848c1fb87073bf000663bb2f244ca7ed9c50d95e96b6a9cd0b` Request headers accept-language de-DE,de;q=0.9 Referer https://prodownloadtrust.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 10:17:16 GMT content-encoding br cf-cache-status MISS last-modified Sat, 05 Nov 2022 05:21:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6365f2ec-638" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS6i1rZqWS%2FYRswzlKwXM0HHoaw2kWbx5ZYQ9q4OH4WWaUjnImOWnqEbCA4ernSgi6C7Y%2BpnxwuPZ2nHf927NNXqy52uhBMtf0EHb2tY91An1OjGR0q5IIdY0iGmdXjFBQBd9U7iSyfEA6D4ZAyvw10q2A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7e5889153bed2c22-FRA alt-svc h3=":443"; ma=86400 expires Wed, 12 Jul 2023 22:17:16 GMT
GET H2	200	vue.global.prod.js Show response prodownloadtrust.top/js/v3.2.8/	122 KB 47 KB	638ms 638ms	Script application/javascript	2606:4700:3033::ac43:d0c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prodownloadtrust.top/js/v3.2.8/vue.global.prod.js Requested by Host: prodownloadtrust.top URL: https://prodownloadtrust.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d0c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a37281f2fb4ea26ffbb995902b0fb79392a059af1080504484bb7422a4a9fddf` Request headers accept-language de-DE,de;q=0.9 Referer https://prodownloadtrust.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 10:17:16 GMT content-encoding br cf-cache-status MISS last-modified Fri, 03 Sep 2021 03:26:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"613195d8-1e82b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4oOFep3zlsBKsUtCVjdHU%2BPTbQS7sghef1uCgslr%2B48NNbR%2FGWE2ijNAj587AyujjprxjdnCybCIjOAExN8XxOwy948buENDA1HijHYvF%2BttrgVzwhZGcD7dWre%2FqktgyVkUoHZ%2BIfDTnnkm6aR%2Bbxw6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7e5889153bee2c22-FRA alt-svc h3=":443"; ma=86400 expires Wed, 12 Jul 2023 22:17:16 GMT
GET H3	200	home_dapps.png prodownloadtrust.top/images/	45 KB 46 KB	635ms 632ms	Image image/png	2606:4700:3033::ac43:d0c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://prodownloadtrust.top/images/home_dapps.png?v=2 Requested by Host: prodownloadtrust.top URL: https://prodownloadtrust.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:d0c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e075e1cdad6e176e330ac0f927da14388ba5ad54cc0888b39dd54051b9987e61` Request headers accept-language de-DE,de;q=0.9 Referer https://prodownloadtrust.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 10:17:17 GMT cf-cache-status MISS last-modified Tue, 28 Mar 2023 16:29:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "642315e4-b462" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfJcjlvHVRxpmuAW2fBgHN%2BNtA8lYlYFr4wKhqH3X9VXayKxu57Wmjhz%2FYP5E1%2FKfMxZeetcKimlOQvPuCyj2C0DxbAXDkZztTLLFniL3dsvowZQ0GrhHDdI7xgGcgvY1AHGujNUsWxNpq9XQhqyyPb5tQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7e5889176b523815-FRA alt-svc h3=":443"; ma=86400 content-length 46178 expires Fri, 11 Aug 2023 10:17:16 GMT
GET H3	200	download_buttons.svg prodownloadtrust.top/images/	53 KB 17 KB	638ms 637ms	Image image/svg+xml	2606:4700:3033::ac43:d0c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://prodownloadtrust.top/images/download_buttons.svg Requested by Host: prodownloadtrust.top URL: https://prodownloadtrust.top/css/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:d0c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a` Request headers accept-language de-DE,de;q=0.9 Referer https://prodownloadtrust.top/css/index.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 10:17:17 GMT content-encoding br cf-cache-status MISS last-modified Thu, 03 Nov 2022 02:55:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63632db4-d3c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra%2BoyrMNFFze2YO5M5gA%2B4SHNNNCaInrrKc%2Bj3EUCecX6oeI7a1YVKACzUUiIwC1IlhefFcwfbJ0d8lffe8mUQmVdNVuQvgywM%2FR7XLtickAriOtGn5e8jHLfrz0A8E0lJKpphGdkpoOd2qPXQK84fl3DQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7e588919af513815-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: imToken (Crypto)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| Vue

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

downloadtrustpro.top
prodownloadtrust.top
2606:4700:3032::6815:246
2606:4700:3033::ac43:d0c6
3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a
41817bd8fdd01e848c1fb87073bf000663bb2f244ca7ed9c50d95e96b6a9cd0b
a1e6323fc994f3e43dbbb13bf430c552e265df3762cfacae890ccab43f887508
a37281f2fb4ea26ffbb995902b0fb79392a059af1080504484bb7422a4a9fddf
e075e1cdad6e176e330ac0f927da14388ba5ad54cc0888b39dd54051b9987e61

prodownloadtrust.top Open in urlscan Pro 2606:4700:3033::ac43:d0c6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

112 kBTransfer

223 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

prodownloadtrust.top Open in urlscan Pro
2606:4700:3033::ac43:d0c6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

112 kB
Transfer

223 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!