vivoqianbaoappguanfangxiazai.com.cn
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of vivoqianbaoappguanfangxiazai.com.cn
This website appears to present itself as the official download page for a Chinese-language digital wallet application called "VIVO钱包" (VIVO Wallet). Based on the page title, metadata, and on-page text, it claims to offer digital asset storage, transfers, account management, and cryptocurrency-related wallet functions, with prominent download and registration prompts aimed at users seeking a wallet app.
The domain name includes Chinese words meaning "official download," which suggests it is targeting users looking for an official app source. However, the operator is not clearly identified in the provided scan data, and the site appears to be hosted on generic third-party infrastructure rather than an obviously attributable corporate environment. The content and branding indicate a finance or cryptocurrency-themed service, but the available data does not establish a verified relationship with any known official VIVO brand entity.
Safety Assessment for vivoqianbaoappguanfangxiazai.com.cn
Multiple independent security signals indicate elevated risk at the time of this scan. The domain was flagged by 14 out of 91 security engines, and several web-classification providers categorized it as phishing or fraud-related. In addition, the page strongly presents itself as an "official download" source for a wallet application, which may increase the likelihood of credential theft, fraudulent app distribution, or other social-engineering activity if the branding is not legitimate.
A malware scan also reported one flagged script file on the site, which adds to the concern, although the scan did not provide a named malware family. At the same time, several blacklist databases were clean at the time of this scan, so the risk picture appears to come more from multi-engine phishing detections and page behavior than from broad blacklist saturation. The very low trust score, lack of ranking, unclear domain age, and finance-themed download flow further increase caution.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was reachable over HTTPS with a valid Let's Encrypt certificate expiring on 2026-07-22, and it appears to be served by nginx from an IP hosted by Starbow Ltd in Hong Kong. DNSSEC is not enabled, and the domain uses share-dns.com / share-dns.net nameservers. The registrar is listed as Web Commerce Communications Limited.
From a security perspective, the main technical concern is that one scanned JavaScript file (nb.js) was flagged as malicious by the malware scan, while the site itself is associated with substantial phishing detections from security engines. Although the TLS certificate is valid, that only indicates encrypted transport and should not be treated as proof of legitimacy.
Share your experience with this website. Was it safe? Did you encounter any issues?