Report - casefb161406-ptut.vercel.app/

Report Overview

Visitedpublic

2025-09-18 06:30:02

Tags

suspicious telegram_bot

Submit Tags

URL

casefb161406-ptut.vercel.app/

Finishing URL

casefb161406-ptut.vercel.app/submit-application.html

IP / ASN

United States

216.198.79.131

#16509 AMAZON-02

Title

Loading

Suspicious - Suspicious Javascript code

Detections

urlquery

2

Network Intrusion Detection

1

Threat Detection Systems

1

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ajax.googleapis.com	3691	unknown	No data	No data	1.9 kB	280 kB	142.250.178.106
www.googletagmanager.com	283	unknown	No data	No data	449 B	419 kB	142.250.74.168
cdn.jsdelivr.net	1678	unknown	No data	No data	469 B	80 kB	151.101.1.229
cdnjs.cloudflare.com	1222	unknown	No data	No data	481 B	26 kB	104.17.25.14
ipinfo.io	1327	unknown	No data	No data	457 B	650 B	34.117.59.81
casefb161406-ptut.vercel.app	unknown	unknown	No data	No data	22 kB	1.4 MB	216.198.79.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-09-18 06:04:13	medium	Client IP	34.117.59.81	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Detection System	Indicator	Verdict	Alert
YARAhub by abuse.ch	casefb161406-ptut.vercel.app/js/landing/telegram.js	malware	Detects file containing Telegram Bot API

Telegram Bot detected (1)

URL

casefb161406-ptut.vercel.app/js/landing/telegram.js

IP / ASN

United States

216.198.79.195

#16509 AMAZON-02

Token

8475429340:AAGgTsnFXtP2RdUR3FIWhFnK-4GWDP0e_LQ

Bot Overview

User ID8475429340

Usernamebehoa_bebot

First Namebehoa_BDH_bebot

Last NameN/A

Chat Info

Chat ID-1002755668130

Chat Typesupergroup

TitleBehoa_media_new

User Count4

Admins4

Pending Msgs41

JavaScript (22)

HTTP Transactions (46)

	URL	IP	Response	Size