Report Overview
Visitedpublic
2026-04-02 12:50:25
Tags
Submit Tags
URL
h.carddsapply.com
Finishing URL
h.carddsapply.com/
IP / ASN
45.87.41.234
Title
Trust Wallet
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
5
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
unpkg.com | 1093 | 2016-01-06 | 2016-01-07 | 2026-03-29 | 429 B | 32 kB |  104.18.1.22 |   |
code.jquery.com | 4915 | 2005-12-10 | 2012-05-21 | 2026-03-29 | 860 B | 147 kB |  151.101.130.137 |   |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-03-29 | 1.1 kB | 88 kB | 172.217.19.227 | |
rpc.ankr.com | 541361 | 2007-04-23 | 2021-10-24 | 2026-03-26 | 1.1 kB | 1.4 kB |  173.244.207.30 | |
h.carddsapply.com 46 alert(s) on this Host | unknown | 2026-03-29 | 2026-04-02 | 2026-04-02 | 4.9 kB | 4.0 MB | 45.87.41.234 |         |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2026-03-29 | 1.8 kB | 2.3 MB | 151.101.193.229 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-03-29 | 945 B | 26 kB | 142.251.38.106 |
Fly.io (PaaS)
Fly is a platform for running full stack apps and databases.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Varnish (Caching)
Varnish is a reverse caching proxy.Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Axios:1.2.2 (JavaScript libraries)
Promise based HTTP client for the browser and node.jsNode.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.jQuery:3.6.3 (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.Nginx:1.24.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Unpkg (CDN)
Unpkg is a content delivery network for everything on npm.SweetAlert2:11 (JavaScript libraries)
SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.jQuery CDN (CDN)
jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 173.244.207.30 | ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com) | |
| low | Client IP | 173.244.207.30 | ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | h.carddsapply.com/scripts/main.js | malware | Detects file containing Telegram Bot API |
| Cloudflare DNS | h.carddsapply.com | malicious | Sinkholed |
| DNS4EU | h.carddsapply.com | malicious | Sinkholed |
| OpenDNS | h.carddsapply.com | phishing | Phishing Block |
| DigiCert UltraDNS | h.carddsapply.com | malicious | Sinkholed |
JavaScript (14)
No JavaScripts
HTTP Transactions (24)
| URL | IP | Response | Size |
|---|