Report Overview
Visitedpublic
2026-02-22 14:45:30
Tags
Submit Tags
URL
yieldscan.fi
Finishing URL
yieldscan.fi/solana
IP / ASN
91.108.98.196
Title
YieldScan | Multi-Chain Protocol Interface
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
3
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
cdn.tailwindcss.com | 117330 | 2017-07-20 | 2018-07-09 | 2026-02-16 | 1.6 kB | 1.6 MB |  104.26.3.143 |   |
unpkg.com | 1093 | 2016-01-06 | 2016-01-07 | 2026-02-15 | 1.7 kB | 931 kB | 104.18.0.22 |  |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-02-15 | 1.6 kB | 108 kB |  216.58.207.227 | |
api.ipify.org | 8166 | 2014-01-05 | 2014-10-06 | 2026-02-16 | 437 B | 271 B | 104.26.13.205 | |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2026-02-15 | 3.9 kB | 942 kB | 151.101.65.229 | |
yieldscan.fi 6 alert(s) on this Host | unknown | 2026-02-20 | 2026-02-22 | 2026-02-22 | 3.7 kB | 1.2 MB | 77.37.83.120 |      |
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-02-20 | 1.1 kB | 1.3 kB |  149.154.166.110 |  |
cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2026-02-15 | 904 B | 399 kB | 104.17.25.14 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-02-15 | 1.0 kB | 32 kB | 142.251.142.234 | |
via.placeholder.com | 229550 | 2002-05-05 | 2017-06-01 | 2026-02-18 | 443 B | 0 B | 0.0.0.0 | |
api.dexscreener.com | 2085659 | 2021-06-11 | 2022-05-19 | 2026-02-21 | 492 B | 41 kB | 104.18.38.143 | |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Vercel (PaaS)
Vercel is a cloud platform for static frontends and serverless functions.Fly.io (PaaS)
Fly is a platform for running full stack apps and databases.Hostinger CDN (CDN)
Hostinger Content Delivery Network (CDN).PHP:8.3.27 (Programming languages)
PHP is a general-purpose scripting language used for web development.Hostinger (Hosting)
Hostinger is an employee-owned Web hosting provider and internet domain registrar.Unpkg (CDN)
Unpkg is a content delivery network for everything on npm.Tailwind CSS (UI frameworks)
Tailwind is a utility-first CSS framework.cdnjs (CDN)
cdnjs is a free distributed JS library delivery service.Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Cloudflare Bot Management (Security)
Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 104.26.13.205 | ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | yieldscan.fi/solana | malware | Detects file containing Telegram Bot API |
| YARAhub by abuse.ch | yieldscan.fi/ | malware | Detects file containing Telegram Bot API |
| YARAhub by abuse.ch | yieldscan.fi/elite-driver-v1.5.min.js | malware | Detects file containing Telegram Bot API |
JavaScript (16)
No JavaScripts
HTTP Transactions (36)
| URL | IP | Response | Size |
|---|