Report Overview
Visitedpublic
2026-03-27 12:46:22
Submit Tags
URL
demoanondrain.com
Finishing URL
demoanondrain.com/
IP / ASN
46.202.145.163
Title
Phanon Wallet Drainer
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
demoanondrain.com 1 alert(s) on this Host | unknown | 2025-07-17 | 2026-03-27 | 2026-03-27 | 47 kB | 8.5 MB | 46.202.145.163 |     |
rpc.walletconnect.org | 891779 | 2018-03-26 | 2023-02-11 | 2026-03-20 | 505 B | 1.6 kB |  3.75.167.3 |
Google Analytics (Analytics)
Google Analytics is a free web analytics service that tracks and reports website traffic.Hostinger (Hosting)
Hostinger is an employee-owned Web hosting provider and internet domain registrar.LiteSpeed (Web servers)
LiteSpeed is a high-scalability web server.Bootstrap:3.3.7 (UI frameworks)
Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | demoanondrain.com/assets/index-ckhgPCFe.js | malware | Detects file containing Telegram Bot API |
Telegram Bot detected (1)
URL
demoanondrain.com/assets/index-ckhgPCFe.js
IP / ASN
46.202.145.163
Token
8187417925:AAEv_OyAZESAcbQ-eEvfFVRg6cs4atEM8_Y
Bot Overview
User ID8187417925
UsernameBotDoMilhaoKrl_bot
First NameBotDoMilhao
Last NameN/A
Chat Info
Chat ID-1002166317494
Chat Typesupergroup
TitleAnonymousDeep - Drain Crypto
User Count467
Admins3
Pending Msgs0
JavaScript (3)
No JavaScripts
HTTP Transactions (91)
| URL | IP | Response | Size |
|---|