download-trustwallet.com
Open in
urlscan Pro
103.125.85.61
Malicious Activity!
Public Scan
Submission: On June 01 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time download-trustwallet.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Trustwallet (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 103.125.85.61 103.125.85.61 | 132825 (MYTEK-AS-...) (MYTEK-AS-AP Defense Australia Network) | |
18 | 2 |
ASN132825 (MYTEK-AS-AP Defense Australia Network, AU)
download-trustwallet.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
download-trustwallet.com
1 redirects
download-trustwallet.com |
679 KB |
0 |
trustwalletapp.com
Failed
analytics.trustwalletapp.com Failed |
|
18 | 2 |
Domain | Requested by | |
---|---|---|
18 | download-trustwallet.com |
1 redirects
download-trustwallet.com
|
0 | analytics.trustwalletapp.com Failed |
download-trustwallet.com
|
18 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
z8k6.net |
play.google.com |
appgallery.huawei.com |
facebook.com |
github.com |
instagram.com |
twitter.com |
reddit.com |
t.me |
community.trustwallet.com |
support.trustwallet.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
download-trustwallet.com R3 |
2022-01-27 - 2022-04-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://download-trustwallet.com/zh_CN/
Frame ID: 3172C15FC1815D636CA6F12FE4E7E78F
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
最好的加密货币钱包 | 以太坊钱包 | ERC20 钱包 | Trust WalletPage URL History Show full URLs
-
https://download-trustwallet.com/zh_CN
HTTP 301
https://download-trustwallet.com/zh_CN/ Page URL
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: 社区
Search URL Search Domain Scan URL
Title: 帮助中心
Search URL Search Domain Scan URL
Title: 技术支持
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://download-trustwallet.com/zh_CN
HTTP 301
https://download-trustwallet.com/zh_CN/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
download-trustwallet.com/zh_CN/ Redirect Chain
|
32 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
plausible.js
analytics.trustwalletapp.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IBMPlexSans-Regular.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ |
55 KB 55 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IBMPlexSans-Bold.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ |
55 KB 55 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IBMPlexSans-Medium.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ |
58 KB 59 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
download-trustwallet.com/css/ |
231 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
download-trustwallet.com/assets/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trust_logotype.svg
download-trustwallet.com/assets/images/ |
14 KB 15 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download_buttons.svg
download-trustwallet.com/assets/images/ |
53 KB 53 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
features-2.svg
download-trustwallet.com/assets/images/ |
2 KB 2 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3steps.svg
download-trustwallet.com/assets/images/ |
54 KB 55 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.svg
download-trustwallet.com/assets/images/ |
257 B 468 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_trustwallet_app.png
download-trustwallet.com/assets/images/ |
132 KB 133 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_cards.png
download-trustwallet.com/assets/images/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_dex.png
download-trustwallet.com/assets/images/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_security.png
download-trustwallet.com/assets/images/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dapp_preview.png
download-trustwallet.com/assets/images/ |
56 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socials.svg
download-trustwallet.com/assets/images/ |
9 KB 9 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- analytics.trustwalletapp.com
- URL
- https://analytics.trustwalletapp.com/js/plausible.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Trustwallet (Crypto)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| UAParser0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.trustwalletapp.com
download-trustwallet.com
analytics.trustwalletapp.com
103.125.85.61
0b253e3337a768af72eb21f987e342de347b9aaf5e02fae1ba8d30f942e8f81a
0eb4b343b36aa2ef18a0ccb84c6b4e6acdbd42565740f356216548523777879f
3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a
5ca0ddeebd56b085a9b98d2fe15414ec4843921d5c1703a65ff4b3d5a52f90d6
61ea304b4cef90b7cbdeb0ca437f90128bd4e52323e19a86e7ea6a50d568d1c8
7e0fcff6654ef33ffca2dbff6a26b2a94612321c39cda664e1f7116769f6b70f
8087e096f948b0f632c3ba9e562b097e049da8c16a459f6598ec9d11be1618c8
8899b62d74d06f482f132b600d49c9a51cf13a3d830ac35d158f8cce65079c20
9574464982d6510b24574af8dd38b7283f78bc0067771a2f200d2e0a3252f02d
a61c089861e3cd5bb3a48cf80da84cbe10bd65b5ef6a9276fa43f4e8599876cf
b7c4b21a7ee8834aeae6de5843ee4702970f33c3f8a23bfd9cb460b3ffde0d84
c4b4cf14b092c55a0dc99fd3f580fd37d6127469b890fe1bf04d0119d75fb841
c4d8388921fdcf9c9a7117b16cdb6c212ed663d927a558408c4de3a7f608a1d5
cb3edb46bea3b56e9d8c45ab79a3bda07d989071b5006c7168e33f5204e95dd5
d033e1cd7b23a6ed209a9c6a324357130232f8dcea448521503ab336c5ec6b59
dd6cd52bf15d2f5bf7519cd3d876ae2d37306e77d1a95a63e867e6c95ab9c49e
f312756d71db246f713e69ed002bf806bbf4a0578b119a999b75f5c1e05b102c