Report Overview
Visitedpublic
2026-03-22 22:22:21
Submit Tags
URL
gemoss.icu
Finishing URL
gemoss.icu/
IP / ASN
172.67.207.230
Title
ChainSpot - Add EVM Networks to Wallet
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
1
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
gemoss.icu 2 alert(s) on this Host | unknown | 2025-07-16 | 2026-03-22 | 2026-03-22 | 5.3 kB | 852 kB | 172.67.207.230 |  |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2026-03-15 | 458 B | 2.9 MB |  151.101.129.229 |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | Client IP | 172.67.207.230 | ET INFO Suspicious Domain (*.icu) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | gemoss.icu/telegramBot.js?v=202508241210 | malware | Detects file containing Telegram Bot API |
Telegram Bot detected (1)
URL
gemoss.icu/telegramBot.js?v=202508241210
IP / ASN
172.67.207.230
Token
8226646355:AAHEQEe8UxI877dd8eP-mVrtVUapbp4SD_k
Bot Overview
User ID8226646355
Usernameconnection_alerts_bot
First NameKeySnatch [BOT]
Last NameN/A
Chat Info
Chat ID-1003026244768
Chat Typechannel
TitlePublic Chanel
User Count2
Admins2
Pending Msgs0
JavaScript (8)
No JavaScripts
HTTP Transactions (12)
| URL | IP | Response | Size |
|---|