www.restorebasetrust.com
199.188.201.126
Malicious Activity!
Public Scan
Submission: On June 14 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 14th 2021. Valid for: a year.
This is the only time www.restorebasetrust.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Trustwallet (Crypto)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
20 | 199.188.201.126 | 22612 (NAMECHEAP-NET) |
20 | 1 | |

ASN22612 (NAMECHEAP-NET, US)
PTR: server281-5.web-hosting.com
www.restorebasetrust.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | restorebasetrust.com | www.restorebasetrust.com | 494 KB |
20 | 1 | | |
Requests | Domain | Requested by |
---|---|---|
20 | www.restorebasetrust.com | www.restorebasetrust.com |
20 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
trustwallet.com |
apps.apple.com |
play.google.com |
appgallery.huawei.com |
facebook.com |
github.com |
instagram.com |
twitter.com |
reddit.com |
t.me |
community.trustwallet.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
restorebasetrust.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-14 - 2022-06-14 | a year |
This page contains 1 frame:
Primary Page:
https://www.restorebasetrust.com/
Frame ID: E477A4AB64D12AC762BB4CF65393927E
Requests: 20 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Page Statistics
61 Outgoing links
These are links going to different origins than the main page.
Title: Assets
Title: Staking
Title: Earn+130% APR
Title: NFTs
Title: DApp Browser
Title: Download Now
Title: Stablecoins
Title: Beta
Title: Developers
Title: Community
Title: Help Center
Title: DApp Journey
Title: Press Kit
Title: Submit DApp
Title: Terms Of Service
Title: Privacy Policy
Title: Buy Bitcoin with a credit card
Title: Buy Ethereum
Title: Buy BNB
Title: Buy Litecoin
Title: Buy TRON
Title: Buy XRP
Title: Buy Bitcoin Cash
Title: Earn Bitcoin
Title: Earn Ethereum
Title: Earn Binance Coin
Title: Earn Cake
Title: Bitcoin (BTC)
Title: Ethereum (ETH)
Title: Binance Coin (BNB)
Title: Litecoin (LTC)
Title: Ripple (XRP)
Title: Polkadot (DOT)
Title: Stellar (XLM)
Title: Dogecoin (DOGE)
Title: Smartchain (BNB)
Title: Dash (DASH)
Title: TRON (TRX)
Title: Tezos (XTZ)
Title: Cosmos (ATOM)
Title: Kava (KAVA)
The remaining 20 links have an empty title.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.restorebasetrust.com/ | 25 KB | 5 KB | Document | text/html |
GET | H2 | IBMPlexSans-Regular.woff2 | www.restorebasetrust.com/assets/fonts/IBMPlexSans/ | 55 KB | 55 KB | Font | font/woff2 |
GET | H2 | IBMPlexSans-Bold.woff2 | www.restorebasetrust.com/assets/fonts/IBMPlexSans/ | 55 KB | 55 KB | Font | font/woff2 |
GET | H2 | IBMPlexSans-Medium.woff2 | www.restorebasetrust.com/assets/fonts/IBMPlexSans/ | 58 KB | 59 KB | Font | font/woff2 |
GET | H2 | main.css | www.restorebasetrust.com/css/ | 231 KB | 33 KB | Stylesheet | text/css |
GET | H2 | platform.js | www.restorebasetrust.com/assets/js/ | 19 KB | 7 KB | Script | application/javascript |
GET | H2 | gtm5445.html | www.restorebasetrust.com/www.googletagmanager.com/ | 0 | 0 | Script | text/html |
GET | H2 | analytics.js | www.restorebasetrust.com/www.google-analytics.com/ | 0 | 0 | Script | text/html |
GET | H2 | features-2.svg | www.restorebasetrust.com/assets/images/ | 2 KB | 1021 B | Other | image/svg+xml |
GET | H2 | 3steps.svg | www.restorebasetrust.com/assets/images/ | 54 KB | 16 KB | Other | image/svg+xml |
GET | H2 | socials.svg | www.restorebasetrust.com/assets/images/ | 9 KB | 4 KB | Other | image/svg+xml |
GET | H2 | trust_logotype.svg | www.restorebasetrust.com/assets/images/ | 14 KB | 6 KB | Image | image/svg+xml |
GET | H2 | flags.png | www.restorebasetrust.com/assets/images/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | download_buttons.svg | www.restorebasetrust.com/assets/images/ | 53 KB | 17 KB | Image | image/svg+xml |
GET | H2 | check.svg | www.restorebasetrust.com/assets/images/ | 257 B | 470 B | Image | image/svg+xml |
GET | H2 | home_trustwallet_app.png | www.restorebasetrust.com/assets/images/ | 51 KB | 51 KB | Image | image/png |
GET | H2 | home_cards.png | www.restorebasetrust.com/assets/images/ | 53 KB | 53 KB | Image | image/png |
GET | H2 | home_dex.png | www.restorebasetrust.com/assets/images/ | 37 KB | 37 KB | Image | image/png |
GET | H2 | home_security.png | www.restorebasetrust.com/assets/images/ | 37 KB | 37 KB | Image | image/png |
GET | H2 | dapp_preview.png | www.restorebasetrust.com/assets/images/ | 56 KB | 56 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Trustwallet (Crypto)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- object| dataLayer
- string| GoogleAnalyticsObject
- function| ga
- function| UAParser
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.restorebasetrust.com
199.188.201.126