Report Overview
Visited (public)
2026-03-04 20:54:27
URL
moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump
Finishing URL
moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump
IP / ASN
172.67.140.23
#13335 CLOUDFLARENET
Title
Vote to Earn SOL | Moonshot

Suspicious - Suspicious Javascript code

Detections

urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
1

Host Summary

Host | Rank | Registered | First Seen | Last Seen
cdn.dexscreener.com | 1560830 | 2021-06-11 | 2023-07-13 | 2026-03-02
cdn.tailwindcss.com | 117330 | 2017-07-20 | 2018-07-09 | 2026-03-02
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-03-01
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-02-27
moon-shot.icu | unknown | 2026-03-03 | 2026-03-04 | 2026-03-04
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-03-01
ipapi.co | 7936 | 2016-04-19 | 2017-01-31 | 2026-03-04
api.dexscreener.com | 2085659 | 2021-06-11 | 2022-05-19 | 2026-02-28

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity | Source IP | Destination IP | Alert
medium | Client IP | 172.67.140.23 | ET INFO Suspicious Domain (*.icu) in TLS SNI
low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)
low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)

Threat Detection Systems

Detection System | Indicator | Verdict | Alert
YARAhub by abuse.ch | moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump | malware | Detects file containing Telegram Bot API

Telegram Bot detected (1)

URL
moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump
IP / ASN
172.67.140.23
#13335 CLOUDFLARENET
Token
7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo
Bot Overview
User ID: 7699604831
Username: TwitterShdhsjhsBot
First Name: Twitter
Last Name: N/A
Chat Info
Chat ID: -1002631734661
Chat Type: supergroup
Title: FullWork
User Count: 16
Admins: 6
Pending Msgs: 21

JavaScript (6)

HTTP Transactions (18)

URL | IP | Response | Size