download-trustwallet.com Open in urlscan Pro
103.125.85.61 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://download-trustwallet.com/zh_CN/
Submission: On June 01 via manual (June 1st 2022, 3:23:48 pm UTC) from NL — Scanned from NL

Summary HTTP 18 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 103.125.85.61, located in Malaysia and belongs to MYTEK-AS-AP Defense Australia Network, AU. The main domain is download-trustwallet.com.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time download-trustwallet.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Trustwallet (Crypto)

Domain & IP information

	IP Address		AS Autonomous System
1 18	103.125.85.61 103.125.85.61		132825 (MYTEK-AS-...) (MYTEK-AS-AP Defense Australia Network)
18	2

18 103.125.85.61 (Malaysia) 1 redirects

ASN132825 (MYTEK-AS-AP Defense Australia Network, AU)

download-trustwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	download-trustwallet.com 1 redirects download-trustwallet.com	679 KB
0	trustwalletapp.com Failed analytics.trustwalletapp.com Failed
18	2

	Domain	Requested by
18	download-trustwallet.com	1 redirects download-trustwallet.com
0	analytics.trustwalletapp.com Failed	download-trustwallet.com
18	2

This site contains links to these domains. Also see Links.

Domain
z8k6.net
play.google.com
appgallery.huawei.com
facebook.com
github.com
instagram.com
twitter.com
reddit.com
t.me
community.trustwallet.com
support.trustwallet.com

Subject Issuer	Validity	Valid
download-trustwallet.com R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://download-trustwallet.com/zh_CN/
Frame ID: 3172C15FC1815D636CA6F12FE4E7E78F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最好的加密货币钱包 | 以太坊钱包 | ERC20 钱包 | Trust Wallet

Page URL History Show full URLs

https://download-trustwallet.com/zh_CN HTTP 301
https://download-trustwallet.com/zh_CN/ Page URL

Page Statistics

18
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

679 kB
Transfer

897 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://z8k6.net/56uah

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.wallet.crypto.trustapp&referrer=utm_source%3Dwebsite

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C103425801

Search URL Search Domain Scan URL

URL: https://facebook.com/trustwalletapp

Search URL Search Domain Scan URL

URL: https://github.com/trustwallet

Search URL Search Domain Scan URL

URL: https://instagram.com/trustwallet

Search URL Search Domain Scan URL

URL: https://twitter.com/trustwallet

Search URL Search Domain Scan URL

URL: https://reddit.com/r/trustapp

Search URL Search Domain Scan URL

URL: https://t.me/trust_announcements

Search URL Search Domain Scan URL

URL: https://community.trustwallet.com/
Title: 社区

Search URL Search Domain Scan URL

URL: https://community.trustwallet.com/c/helpcenter
Title: 帮助中心

Search URL Search Domain Scan URL

URL: https://support.trustwallet.com/
Title: 技术支持

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://download-trustwallet.com/zh_CN HTTP 301
https://download-trustwallet.com/zh_CN/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
download-trustwallet.com/zh_CN/
Redirect Chain

https://download-trustwallet.com/zh_CN
https://download-trustwallet.com/zh_CN/

32 KB
7 KB

273ms
273ms

Document
text/html

103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL: https://download-trustwallet.com/zh_CN/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: 5ca0ddeebd56b085a9b98d2fe15414ec4843921d5c1703a65ff4b3d5a52f90d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 01 Jun 2022 15:23:36 GMT
etag: W/"7fc1-lL10CdNBOoZrVcje2YcnfWzbutw"
server: nginx
vary: Accept-Encoding
x-cache: MISS
x-powered-by: Express

Redirect headers

cache-control: no-cache
content-length: 177
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
date: Wed, 01 Jun 2022 15:23:35 GMT
location: /zh_CN/
server: nginx
x-cache: MISS
x-content-type-options: nosniff
x-powered-by: Express

GET plausible.js
analytics.trustwalletapp.com/js/ 0
0

GET
H2 200 IBMPlexSans-Regular.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ 55 KB
55 KB 544ms
543ms Font
font/woff2 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL

https://download-trustwallet.com/assets/fonts/IBMPlexSans/IBMPlexSans-Regular.woff2

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

dd6cd52bf15d2f5bf7519cd3d876ae2d37306e77d1a95a63e867e6c95ab9c49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://download-trustwallet.com/zh_CN/
Origin: https://download-trustwallet.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:36 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"db78-17de0dbd8a0"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: max-age=43200
accept-ranges: bytes
content-length: 56184
expires: Thu, 02 Jun 2022 03:23:36 GMT

GET
H2 200 IBMPlexSans-Bold.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ 55 KB
55 KB 816ms
815ms Font
font/woff2 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL

https://download-trustwallet.com/assets/fonts/IBMPlexSans/IBMPlexSans-Bold.woff2

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

8899b62d74d06f482f132b600d49c9a51cf13a3d830ac35d158f8cce65079c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://download-trustwallet.com/zh_CN/
Origin: https://download-trustwallet.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:36 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"db30-17de0dbd8a0"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: max-age=43200
accept-ranges: bytes
content-length: 56112
expires: Thu, 02 Jun 2022 03:23:36 GMT

GET
H2 200 IBMPlexSans-Medium.woff2
download-trustwallet.com/assets/fonts/IBMPlexSans/ 58 KB
59 KB 817ms
816ms Font
font/woff2 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL

https://download-trustwallet.com/assets/fonts/IBMPlexSans/IBMPlexSans-Medium.woff2

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

a61c089861e3cd5bb3a48cf80da84cbe10bd65b5ef6a9276fa43f4e8599876cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://download-trustwallet.com/zh_CN/
Origin: https://download-trustwallet.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:36 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"e958-17de0dbd8a0"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: max-age=43200
accept-ranges: bytes
content-length: 59736
expires: Thu, 02 Jun 2022 03:23:36 GMT

GET
H2 200 main.css
download-trustwallet.com/css/ 231 KB
45 KB 818ms
817ms Stylesheet
text/css 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL

https://download-trustwallet.com/css/main.css

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

b7c4b21a7ee8834aeae6de5843ee4702970f33c3f8a23bfd9cb460b3ffde0d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:36 GMT
content-encoding: gzip
etag: W/"39d6b-17de128f6d0"
last-modified: Wed, 22 Dec 2021 08:01:38 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 02 Jun 2022 03:23:36 GMT

GET
H2 200 platform.js Show response
download-trustwallet.com/assets/js/ 19 KB
7 KB 818ms
818ms Script
application/javascript 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL

https://download-trustwallet.com/assets/js/platform.js

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

c4b4cf14b092c55a0dc99fd3f580fd37d6127469b890fe1bf04d0119d75fb841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:36 GMT
content-encoding: gzip
etag: W/"4a6a-17de0dbd8a0"
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 02 Jun 2022 03:23:36 GMT

GET
H2 200 trust_logotype.svg
download-trustwallet.com/assets/images/ 14 KB
15 KB 273ms
272ms Image
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download-trustwallet.com/assets/images/trust_logotype.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: 61ea304b4cef90b7cbdeb0ca437f90128bd4e52323e19a86e7ea6a50d568d1c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"391d-17de0dbd8a0"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 14621

GET
H2 200 download_buttons.svg
download-trustwallet.com/assets/images/ 53 KB
53 KB 274ms
273ms Image
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download-trustwallet.com/assets/images/download_buttons.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: 3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"d3c5-17de0dbd8a0"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 54213

GET
H2 200 features-2.svg
download-trustwallet.com/assets/images/ 2 KB
2 KB 271ms
271ms Other
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL: https://download-trustwallet.com/assets/images/features-2.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: f312756d71db246f713e69ed002bf806bbf4a0578b119a999b75f5c1e05b102c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:54:35 GMT
server: nginx
x-powered-by: Express
etag: W/"856-17ddc6a0378"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 2134

GET
H2 200 3steps.svg
download-trustwallet.com/assets/images/ 54 KB
55 KB 272ms
272ms Other
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL: https://download-trustwallet.com/assets/images/3steps.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: 8087e096f948b0f632c3ba9e562b097e049da8c16a459f6598ec9d11be1618c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 10:13:05 GMT
server: nginx
x-powered-by: Express
etag: W/"d958-17ddc7af368"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 55640

GET
H2 200 check.svg
download-trustwallet.com/assets/images/ 257 B
468 B 276ms
276ms Image
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download-trustwallet.com/assets/images/check.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: 0eb4b343b36aa2ef18a0ccb84c6b4e6acdbd42565740f356216548523777879f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:56:26 GMT
server: nginx
x-powered-by: Express
etag: W/"101-17ddc6bb510"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 257

GET
H2 200 home_trustwallet_app.png
download-trustwallet.com/assets/images/ 132 KB
133 KB 506ms
505ms Image
image/png 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-trustwallet.com/assets/images/home_trustwallet_app.png

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

9574464982d6510b24574af8dd38b7283f78bc0067771a2f200d2e0a3252f02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:54:35 GMT
server: nginx
x-powered-by: Express
etag: W/"211c9-17ddc6a0378"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 135625
expires: Thu, 02 Jun 2022 03:23:37 GMT

GET
H2 200 home_cards.png
download-trustwallet.com/assets/images/ 53 KB
53 KB 507ms
507ms Image
image/png 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-trustwallet.com/assets/images/home_cards.png

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

0b253e3337a768af72eb21f987e342de347b9aaf5e02fae1ba8d30f942e8f81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:54:35 GMT
server: nginx
x-powered-by: Express
etag: W/"d331-17ddc6a0378"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 54065
expires: Thu, 02 Jun 2022 03:23:37 GMT

GET
H2 200 home_dex.png
download-trustwallet.com/assets/images/ 37 KB
37 KB 507ms
507ms Image
image/png 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-trustwallet.com/assets/images/home_dex.png

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

d033e1cd7b23a6ed209a9c6a324357130232f8dcea448521503ab336c5ec6b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:54:35 GMT
server: nginx
x-powered-by: Express
etag: W/"9267-17ddc6a0378"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 37479
expires: Thu, 02 Jun 2022 03:23:37 GMT

GET
H2 200 home_security.png
download-trustwallet.com/assets/images/ 37 KB
37 KB 507ms
507ms Image
image/png 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-trustwallet.com/assets/images/home_security.png

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

7e0fcff6654ef33ffca2dbff6a26b2a94612321c39cda664e1f7116769f6b70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 09:54:35 GMT
server: nginx
x-powered-by: Express
etag: W/"92e0-17ddc6a0378"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 37600
expires: Thu, 02 Jun 2022 03:23:37 GMT

GET
H2 200 dapp_preview.png
download-trustwallet.com/assets/images/ 56 KB
56 KB 530ms
529ms Image
image/png 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-trustwallet.com/assets/images/dapp_preview.png

Requested by

Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),

Reverse DNS

Software

nginx / Express

Resource Hash

c4d8388921fdcf9c9a7117b16cdb6c212ed663d927a558408c4de3a7f608a1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Tue, 21 Dec 2021 10:13:05 GMT
server: nginx
x-powered-by: Express
etag: W/"e00f-17ddc7af368"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=43200
accept-ranges: bytes
content-length: 57359
expires: Thu, 02 Jun 2022 03:23:37 GMT

GET
H2 200 socials.svg
download-trustwallet.com/assets/images/ 9 KB
9 KB 534ms
534ms Other
image/svg+xml 103.125.85.61
MYTEK-AS-AP Defen...

General

Check archive.org

Show headers Download Go to

Full URL: https://download-trustwallet.com/assets/images/socials.svg
Requested by: Host: download-trustwallet.com
URL: https://download-trustwallet.com/zh_CN/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.125.85.61 , Malaysia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software: nginx / Express
Resource Hash: cb3edb46bea3b56e9d8c45ab79a3bda07d989071b5006c7168e33f5204e95dd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://download-trustwallet.com/zh_CN/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:23:37 GMT
last-modified: Wed, 22 Dec 2021 06:37:24 GMT
server: nginx
x-powered-by: Express
etag: W/"234b-17de0dbd8a0"
x-cache: MISS
content-type: image/svg+xml
cache-control: public, max-age=0, no-cache
accept-ranges: bytes
content-length: 9035

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.trustwalletapp.com
URL: https://analytics.trustwalletapp.com/js/plausible.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Trustwallet (Crypto)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analytics.trustwalletapp.com/js/plausible.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.trustwalletapp.com
download-trustwallet.com
analytics.trustwalletapp.com
103.125.85.61
0b253e3337a768af72eb21f987e342de347b9aaf5e02fae1ba8d30f942e8f81a
0eb4b343b36aa2ef18a0ccb84c6b4e6acdbd42565740f356216548523777879f
3d1aada0e521a463abf690949f377d02bd5049ed143a37ca54b150dc4fc4277a
5ca0ddeebd56b085a9b98d2fe15414ec4843921d5c1703a65ff4b3d5a52f90d6
61ea304b4cef90b7cbdeb0ca437f90128bd4e52323e19a86e7ea6a50d568d1c8
7e0fcff6654ef33ffca2dbff6a26b2a94612321c39cda664e1f7116769f6b70f
8087e096f948b0f632c3ba9e562b097e049da8c16a459f6598ec9d11be1618c8
8899b62d74d06f482f132b600d49c9a51cf13a3d830ac35d158f8cce65079c20
9574464982d6510b24574af8dd38b7283f78bc0067771a2f200d2e0a3252f02d
a61c089861e3cd5bb3a48cf80da84cbe10bd65b5ef6a9276fa43f4e8599876cf
b7c4b21a7ee8834aeae6de5843ee4702970f33c3f8a23bfd9cb460b3ffde0d84
c4b4cf14b092c55a0dc99fd3f580fd37d6127469b890fe1bf04d0119d75fb841
c4d8388921fdcf9c9a7117b16cdb6c212ed663d927a558408c4de3a7f608a1d5
cb3edb46bea3b56e9d8c45ab79a3bda07d989071b5006c7168e33f5204e95dd5
d033e1cd7b23a6ed209a9c6a324357130232f8dcea448521503ab336c5ec6b59
dd6cd52bf15d2f5bf7519cd3d876ae2d37306e77d1a95a63e867e6c95ab9c49e
f312756d71db246f713e69ed002bf806bbf4a0578b119a999b75f5c1e05b102c

download-trustwallet.com Open in urlscan Pro 103.125.85.61 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

679 kBTransfer

897 kBSize

0 Cookies

12 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

download-trustwallet.com Open in urlscan Pro
103.125.85.61 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

679 kB
Transfer

897 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!