ScanMalware.com

Security Scan Report: webassetsapp.ghost.io

Redirected to: https://5aa6563b.trezo-d82.pages.dev/

Submitted: Dec 20, 2025, 12:07:10 PMCompleted: Dec 20, 2025, 12:07:38 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main domain is 5aa6563b.trezo-d82.pages.dev and was registered NaN years ago.

Submitted URL: https://webassetsapp.ghost.io/suite-app/

Effective URL: https://5aa6563b.trezo-d82.pages.dev/Redirected

The Cisco Umbrella rank of the primary domain is #42,708 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

7
Risk Score

Phishing page impersonating Trezor Suite; high risk of credential theft.

Risk Factors
Brand impersonation of Trezor Suite on a non‑official domain
Credential‑harvesting form requesting mnemonic seed phrase
Unusual domain (pages.dev) used to mimic a reputable hardware‑wallet service
Domain age information unavailable

Details

Page Title

Trezor Suite

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(50%)

Domain Information

Within the British Indian Ocean Territory country-code top-level domain (.io), 'webassetsapp.ghost.io' is registered with subdomain 'webassetsapp'. The registrable portion 'ghost' spans 5 characters containing one vowel alongside four consonants. Splitting it apart reveals one word: ghost. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://webassetsapp.ghost.io/suite-app/

Page Load Overview

1.34s
Total Load Time
17
HTTP Requests
3
Domains
295 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:254 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical50% confidence
Type: static
Method: ml+structural

All Detected Categories

documentation technical
50%
cryptocurrency blockchain
36%
technology software
31%
adult content
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5172.66.44.213United States
AS13335CLOUDFLARENET
3151.101.65.229United States
AS54113FASTLY
3151.101.129.229United States
AS54113FASTLY
3146.75.123.7Frankfurt am Main, Hesse, Germany
AS54113FASTLY
3172.66.47.43United States
AS13335CLOUDFLARENET
175--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10782FE50A8105E3A2D236DA647DCDF1CC11BD0D689EB199E3EDF118E07C2BC91BB6B46

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:EQ1fGtTTQBsDofbjK9Xw1vjdj90fgfMMk:BCTQzbeBwVhPk

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:18935:NDW+UOZaNRgvQMtIIV0JCkTgQBoAKS2UIAiAUUArwiIaFwMdJEgpM0gKABZQSiyZGiJAGCTJBgBqZCFMpGoAHgCa3UIoEhQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fee6e69203fffff7
Perceptual Hash:e657d1082cd9db26
Difference Hash:020e0e2667090b0d
Wavelet Hash:f0e6e08201f1f1f7
Color Hash:#ac535a

Other Hashes

Crop Resistant:020e0e2667090b0d,91b2a2ab70b2b20c

Scan History

Scan history not available

Unable to load historical scan data