Report Overview
Visitedpublic
2026-06-20 12:23:13
Tags
Submit Tags
URL
enlacesantander.mx2335.cfd/LOGBET_ENS/enlace.php?dse_operationName=login&dse_nextEventName=start&dse_processorState=initial&nowCheckingCookies=1624361310949
Finishing URL
enlacesantander.mx2335.cfd/LOGBET_ENS/enlace.php?dse_operationName=login&dse_nextEventName=start&dse_processorState=initial&nowCheckingCookies=1624361310949
IP / ASN
74.48.28.153
Title
Bienvenido
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
2
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
enlacesantander.mx2335.cfd 27 alert(s) on this Host | unknown | 2026-06-19 | 2026-06-20 | 2026-06-20 | 16 kB | 1.0 MB | 74.48.28.153 |     |
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-06-15 | 632 B | 390 B |  149.154.166.110 |  |
Apache HTTP Server:2.4.41 (Web servers)
Apache is a free and open-source cross-platform web server software.Bootstrap (UI frameworks)
Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.jQuery:3.6.0 (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Nginx:1.30.1 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | enlacesantander.mx2335.cfd/LOGBET_ENS/enlace.php?dse_operationName=login&dse_nextEventName=start&dse_processorState=initial&nowCheckingCookies=1624361310949 | malware | Detects file containing Telegram Bot API |
| DNS4EU | enlacesantander.mx2335.cfd | malicious | Sinkholed |
JavaScript (21)
No JavaScripts
HTTP Transactions (26)
| URL | IP | Response | Size |
|---|