Report Overview
Visited (public)
2026-02-03 11:14:13
URL
prxvt.xyz/
Finishing URL
prxvt.xyz/
IP / ASN

172.67.139.59
Title
px402 by PRXVT - Cross-Chain Private Payments
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
1
Threat Detection Systems
5
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2026-02-01 | 874 B | 1.1 MB | 104.17.25.14 | |
| esm.sh (2 alert(s) on this Host) | 47501 | 2020-09-06 | 2020-09-23 | 2026-02-02 | 44 kB | 3.5 MB | 172.67.70.222 | |
| pulse.walletconnect.org | 247907 | 2018-03-26 | 2023-10-09 | 2026-01-31 | 565 B | 274 B | 172.66.157.155 | |
| prxvt.xyz (1 alert(s) on this Host) | unknown | 2026-01-14 | 2026-02-03 | 2026-02-03 | 15 kB | 9.1 MB | 188.114.97.1 | |
| cca-lite.coinbase.com | 2742073 | 2011-07-02 | 2023-08-12 | 2026-01-29 | 977 B | 2.5 kB | 172.64.152.241 | |
| cdn.jsdelivr.net (1 alert(s) on this Host) | 1678 | 2012-05-16 | 2012-09-30 | 2026-02-01 | 437 B | 472 kB | 104.16.174.226 | |
| mainnet.base.org | 835121 | 1996-11-11 | 2023-08-03 | 2026-01-30 | 2.0 kB | 5.0 kB | 104.18.40.153 | |
| api.ceooflidare.icu (2 alert(s) on this Host) | unknown | 2025-12-14 | 2026-01-19 | 2026-02-02 | 994 B | 3.2 kB | 158.94.210.9 | |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
Three.js (JavaScript graphics)
Three.js is a cross-browser JavaScript library and application programming interface used to create and display animated 3D computer graphics in a web browser using WebGL.
cdnjs (CDN)
cdnjs is a free distributed JS library delivery service.
jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.
Cloudflare Bot Management (Security)
Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.
Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.
Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.
Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.
Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| | medium | Client IP | 158.94.210.9 | ET INFO Suspicious Domain (*.icu) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | prxvt.xyz/after.js | malware | Detects file containing Telegram Bot API |
| Private YARA rules | cdn.jsdelivr.net/npm/snarkjs@0.7.4/build/snarkjs.min.js | audit | Hunting_JS_WebAssembly |
| Private YARA rules | esm.sh/blake2b-wasm@2.4.0/es2022/blake2b-wasm.mjs | audit | Hunting_JS_WebAssembly |
| Private YARA rules | esm.sh/ffjavascript@0.2.63/es2022/ffjavascript.mjs | audit | Hunting_JS_WebAssembly |
| OpenDNS | api.ceooflidare.icu | phishing | Phishing Block |
Telegram Bot detected (1)
URL
prxvt.xyz/after.js
IP / ASN

188.114.97.1
Token
8208090838:AAHo4ZpN32TcBv_jdN_uRQ0-ZiBb51wakdU
Bot Overview
User ID: 8208090838
Username: shushxhxjdjauth_bot
First Name: e auth
Last Name: N/A
Chat Info
Chat ID: 7775364742
Chat Type: private
Title: N/A
User Count: 2
Admins: 0
Pending Msgs: 1
JavaScript (20)
HTTP Transactions (145)
